Changing the passwords on your online accounts might not sound like a fun weekend activity, but that’s what I did last weekend. Why? Because on Sunday I found out that one of my email addresses was in the list of Yahoo! logins whose passwords were exposed by sloppy handling of a credential file (an incident
Changes in the threatscape as regards exploitation of 64-bit systems, exemplified by the latest modifications to the Rovnix bootkit.
If a service leaks your credentials, your options are limited, but changing all your passwords to something harder to guess/break is never a bad idea.
There are always people who want to piggy-back on the achievements of others. After ESET warned the public against ACAD/Medre.A in two blogs here and here and issued a free standalone cleaner for remediation, there was always the possibility that drawing attention to the issue would result in the topic being misused for other purposes.
Are you one of the 50 million users of Instagram, the photo-sharing service bought by Facebook in April for $1 billion? If so you need to look out for an Instagram update to fix a vulnerability that has just been published by Spanish security researcher Sebastián Guerrero. This vulnerability, which Guerrero has dubbed the "Friendship
The Java exploit for CVE-2012-1723 is already included in the latest update of the BlackHole exploit kit.
Small businesses have their hands full these days in light of a down economy, tightening budgets and the steepening pace of business, but with nation-state hacks front and center in the threatscape, should you worry about those too, or are you (and your customers) safe? Nation-state hacks bring to mind images of large defense contractors,
First the panic, then the accusations of hype. Can we really estimate the impact of DNSChanger yet?
Some brief answers to questions about the server shutdown that will affect tens/hundreds of thousands of DNSChanger victims on 9th July.
Evidence that criminals are targeting the computer systems of small businesses continues to mount. The Wall Street Journal recently drew attention to the way cybercriminals are sniffing out vulnerable firms. The article highlighted the fact that about 72% of the 855 data breaches world-wide last year that were analyzed in Verizon's Data Breach Investigation Report
More cold-call/support scam information.
It’s here, folks! If the replaced DNSChanger servers don’t get another deadline extension, more than 500,000* computers may not be able to reach their configured DNS service after next Monday, July 9, 2012. In other words, it will be practically impossible for the users of those computers to surf the Internet using human-friendly domain
Carberp is a unique case, with all the guys who organized really big botnets and made big profits (millions of US dollars) being arrested.
David Harley describes a support scam that uses a slightly different twist, misrepresenting the output from Windows Task Manager.
We have been following the development of the Win32/Gataka banking Trojan for several months and can now share some details of its operation which includes facilitating fraudulent bank transfers. This first post will highlight some of its key features, while the second will detail several interesting, more technical aspects of this malware. This banking Trojan
Why the ZeroAccess rootkit family modifications are important to the end user.
Following the flurry of press coverage surrounding the proposed next generation of driverless cars, privacy groups are asking questions about what will happen to the data the cars (necessarily) collect, which – in the wrong hands – might prove tempting for abuse. Other car manufacturers plan on rolling out real-time data streams of information about
New versions of the ZeroAccess bootkit demonstrate alternative approaches to distribution and to bootkit infection on 32- and 64-bit Windows.
Does the enterprise still have a choice about sharing information?
For the story behind the suspected industrial espionage, where ACAD/Medre.A was used, refer to Righard Zwienenberg's blog post. For technical details from analysing the worm's source code, read on. ACAD/Medre.A is a worm written in AutoLISP, a dialect of the LISP programming language used in AutoCAD. Whilst we classify it as a worm, due to