Thunderstrike! How a radar‑proof rootkit could infect your Mac
A security researcher describes how malware could infect your Mac's boot ROM, and spy on your activities, with little chance of you ever realising.
Vulnerability
Two recently patched Adobe Flash vulnerabilities now used in Exploit Kits
Two Flash vulnerabilities that were fixed by Adobe 2 weeks ago are now being used in exploit kits. This is in addition to a third vulnerability, CVE-2014-0556, that was patched in September and that has also been added to Nuclear EK last week.
POODLE Attack – Google uncovers major flaw in SSL 3.0
In an announcement eerily reminiscent of the early phases of the Heartbleed flaw that took internet security by storm earlier in the year, Google has uncovered an exploit that could allow attackers to decode the plaintext traffic of a secure connection.
“I’ve been hacked, and now I’m pregnant!”
An embedded microchip that stops you from becoming pregnant? Would you trust it to protect itself properly from a hacker attack?
Grim warning for bounty hunters – Yahoo pays out paltry $12.50 per vulnerability
Finding vulnerabilities can be a profitable business - even if you work for the right side of the law. Last month, Facebook paid out $12,500 to a researcher for finding a bug - this month, Yahoo! paid out ... $12.50.
The Dynamic Duo for Securing your Android: Common Sense and Security Software
On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,
CVE2012‑1889: MSXML use‑after‑free vulnerability
As soon as Microsoft had released patches for security bulletin MS12-037 (which patched 13 vulnerabilities for Internet Explorer) Google published information (Microsoft XML vulnerability under active exploitation) about a new zero-day vulnerability (CVE-2012-1889) in Microsoft XML Core Services. Sometimes vulnerabilities are discovered at a rate that outpaces the patching process and so a temporary fix
Free Anti‑virus: Worth Every Penny?
Why you really might prefer to pay for AV security. Free Fall or Free-for-All?
Vulnerable WordPress Leads to Security Blog Infection
Even visiting security-oriented websites can sometimes be risky. If you’ve visited the security blog zerosecurity.org this month and you’re also a user of ESET’s security products, you might have encountered an anti-virus alert such as this one: The detection names may vary. Different variants of the following “generic families” were detected on the compromised websites on
Endpoint Security Webinar: Protecting your network at the sharp end
I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work. Furthermore, as we improve endpoint security technology, the
Great Expectations and the Grim Reaver
WPS, Reaver, and what you can expect from anti-virus by way of vulnerability scanning
Carberp + BlackHole = growing fraud incidents
This article examines the relationship between the Black Hole exploit kit and Win32/Carberp.
Much Ado About Facebook, Part II
Since yesterday’s Much Ado About Facebook post in the ESET Threat Blog, we have written additional articles, received a few comments, and also received updated information on the “threat,” so it seems that now is a good time for a follow-up article. Reports continue to come in of pornographic and violent imagery on Facebook, and
DoS Apache killer
Amidst a lack of fanfare this past weekend on a mailing list, a memory exhaustion hack popped up for the Apache webserver that may result in a Denial-of-Service (DoS) style attack. Since the Apache application serves up north of 65% of the websites on the internet, a plausible attack becomes quite an issue, especially if
Facebook Facial Recognition – A picture is worth a thousand words
Facebook recently launched a facial recognition feature that allows you and others to “tag” photos with your name. As has been the norm for Facebook, this “feature” is turned on by default and users must take their own initiative to limit, or turn it off. The implications are wide-ranging, so if you or anyone in
MS10‑092 and Stuxnet
...among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet...
Facebook Competitor Faces Criticism – Is Diaspora DOA?
Really – should any Alpha version be fed through a chipper-shredder like Diaspora has? The basics are simple: The basic premise behind Diaspora is that it will allow users to have social networking functionality similar to that offered by Facebook, but with far greater control over personal data. Diaspora was born earlier this year largely
Java: Worse than Adobe and Microsoft for vulnerabilities?
Brian Krebs thinks so: Java is now among the most frequently-attacked programs, and appears to be fast replacing Adobe as the target of choice for automated exploit tools used by criminals. Of the systems which I personally administrate as the ‘Chief Family Technology Officer’, the Java updates constantly annoy and confuse my mom who uses
Operation Cyber ShockWave
While serving in the Marine Corps, one activity that I felt was effective in preparing both myself and my unit to be able to handle real-world scenarios, was getting as much experience as possible from military training exercises. In most cases multiple branches worked together or, as in the case with NATO exercises, multiple countries
Adobe, Javascript, and the CVE‑2009‑4324 Exploit
There has been quite a lot of traffic in the last few weeks about the doc.media.newPlayer vulnerability referenced in the CVE database as CVE-2009-4324. The following Adobe articles refer: http://www.adobe.com/support/security/advisories/apsa09-07.html http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://blogs.adobe.com/psirt/2009/12/security_advisory_apsa09-07_up.html Today’s article at the Internet Storm Center by Bojan Zdrnja (http://isc.sans.org/diary.html?storyid=7867) gives a lot of detail on a particularly inventive exploit of the