Search results for: "game"

BBC Click: Net scams and jobseekers

You may have gathered from some of the blogs published here last year that i'm not biggest fan of the BBC's "Click" programme. I regard the Beeb's forays into buying botnets and stolen credit card details and making active use of them as at best naive. I agree that people need to be aware of such issues,

Que Sera Sera – A Buffet of Predictions for 2010

I was recently asked to share some predictions about what 2010 will bring in the security space. I asked some colleagues from ESET Research to share their thoughts as well -Randy Randy Abrams Director of Technical Education Social Engineering attacks will continue to grow in prevalence. As operating systems and eventually applications become more secure,

Paedophilia and the “Trojan Defence”

This is a follow-up of sorts to Jeff Debrosse’s thoughtful post recently on the problem of possible conviction for the possession of illegal paedophiliac material of individuals who had no knowledge of its presence. More recently, a tweet by Bob McMillan drew my attention to an article by Geoff Liesik on “Authorities scoff at ‘child porn

ThreatSense.Net: Fear and Loathing in the UK

I was asked about malware infection in the UK (especially with reference to Conficker), and(a) if the situation is really as bad as we, the AV vendors make out, and what the real infection rate is; and (b) whether government and ISPs etc could do more to help. You can now find a link here

Tamper‑Proof Anti‑Malware

As I already mentioned briefly in a blog about our October Threat Trends Report, researchers Christopher and Samir came up with an interesting idea at the First International Workshop on Aggressive Alternative Computing and Security, held under the auspices of ESIEA Laval (École Supérieure d’Informatique, Electronique et Automatique). They took a handful of scanners (including NOD32),

Shortage of CyberCops

The Wall Street Journal recently ran an interesting article at http://online.wsj.com/article/SB125487044221969127.html. Of note, was a quote from Los Angeles District Attorney Steve Cooley who said “These days, "practically every crime, from drug dealing to murder, involves digital evidence" .From the invention of the knife, to the gun, to the telephone and car, criminals have always

CFET paper added to White Papers Page

We’ve just added my paper “The Game of the Name: Malware Naming, Shape Shifters and Sympathetic Magic” to the White Papers page. This paper follows up on “A Dose By Any Other Name“, which Pierre-Marc and I presented at Virus Bulletin last year and goes some way towards explaining (I hope…) why sample glut and proactive

Pack up your troubles….

Somewhere back in the Dark Ages, I wrote some articles for Computer Weekly in the UK, as part of a series of articles called Security Zone. This is a regular series where the contributors are all members of (ISC)2, the International Information Systems Security Certification Consortium*. Some of those articles are accessible from the Computer

Fan Check: Fretting about Facebook

Update: Lysa Myers, of West Coast Labs, has confirmed that she knows of a number of people who’ve used the application and didn’t see anything fishy happening. It did offer to send emails outside Facebook but didn’t insist on it, so it’s hard to see where the messages from unapproved contacts are coming from. I’ll

Web Searches and Dangerous Ladies

I feel like the learned judge in the ’60s who asked, in the course of a trial, “What is a Beatle?” since until recently I couldn’t have given you an accurate answer to the question “What is a Jessica Biel?” In fact, I’d probably have said something like “”Wasn’t she in Flashdance?” (The answer is

Bredolab meets Best of Breed

ESET in Bratislava have just issued a press release concerning Win32/TrojanDownloader.Bredolab.AA, which made the top ten threat listing in our June ThreatSense.Net® report, as mentioned here. While press releases aren’t always our biggest priority on the ThreatBlog, this is certainly a research issue, and one in which many people have expressed an interest. The lab tells

Waledac: after the fireworks

I’d like to thank the City of San Diego for welcoming me with a firework display last night. It was just what I needed after 22 hours in planes and airports. :-) Maybe just a little quieter next time? (London did much the same thing to me with its Millennium celebration.) It did look pretty

Xbox: Integrating Social Networks

Just a few short days ago I read the announcement that Microsoft announced a new relationship with the social networking services Twitter and Facebook. The relationship was created to enable users of Xbox Live to access their profiles and post photos to their Facebook accounts and allow Twitter users to post and read messages –

Mac Musings

I haven’t commented on the recent flurry of interest in the Mac botnet issue, having already mentioned it a few weeks ago here. It’s not as though anyone has shown much interest in the technical aspects, such as the interesting use of the Authorization Services APIs to trick the victim into authorizing installation. Just one of

Conficker: rising and shining…

So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost  certainly be down to my faulty interpretation!) The new variant has two main components. The server component is an .EXE that infects vulnerable PC’s in

Who is the April Fool?

I kept telling everyone to worry about being secure, not about Conficker. Some people listen, some don’t. So what happened over about the past 24 hours? According to ESET’s ThreatSense.Net, by about 2 PM GMT on April 1st, of the top 20 threats encountered by our users in the past 24 hours, four out of

Chinese Whispers: Targeted Malware and E‑Espionage

I’ve mentioned here before that targeted malware, often delivered by “spear phishing” carried by apparently “harmless” documents such as PDFs, .DOCs and spreadsheets rather than overt programs, can have much more impact than the raw numbers of such attacks suggest. In fact, some sources now use the term “whaling” rather than “spear phishing” to reflect the

PSST! It’s PFTS!

PSST! Anyone remember the Telephone party game, also known by various politically incorrect names like Chinese Whispers and Russian Scandal? A series of reports like this and this illustrate a textbook example of how rumour and misunderstanding (some of it probably wilful) can transform a story into something very different to its original form. According

Threat Trends In January

Here at ESET we have just released our Global ThreatTrends report for January 2009. Not surprisingly, at the top of the list is a family of programs that exploit Microsoft’s longest unpatched vulnerability. That’s right, Autorun.inf, is an evil “feature” that should have been patched out of existence a long time ago. Since it is

Conficker Statistics

I just did some work on a report that quotes some of the various statistics – or do I mean guesstimates? – regarding how many machines were likely to have been infected by Conficker. That report has already gone out, but it’s been pointed out to me that the wording makes it sound like we’re