Research

Expert content, for researchers by researchers

Research

Facebook/app data privacy – sharing gone wild

So you browse your favorite restaurant review site and settle on a great Mediterranean restaurant, and “magically” a variety of preferences get fed back to your Facebook profile, to be shared, re-shared and re-shared, ricocheting around the internet to form purportedly value-added experiences elsewhere you visit. That’s great news if you want your preferences bounced

Endpoint Security Webinar: Protecting your network at the sharp end

I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work. Furthermore, as we improve endpoint security technology, the

ESET Research podcast round up

Here are some recently released podcasts by ESET Rearchers, addressing current topics such as the recent VeriSign hacks, the takedown of MegaUpload, and the problems with using good malware to catch the bad guys: 1. VeriSign, Credit Card Processor, Hacked Multiple Times 2. Mega Upload Website Shutdown by U.S. Department of Justice 3. Is The

Valentine's Day Scams: For the love of money

Scam artists and cybercriminals are looking to turn romance into profit now that Valentine's Day approaches, possibly taking over your computer in the process. According to ESET researchers in Latin America, we can expect the quest for love to be leveraged as an effective social engineering ploy to enable the bad guys to infect unsuspecting

Now you can be forced to decrypt your hard drive?

Awhile back we noted a case where Ramona Fricosu, a woman accused of involvement in a mortgage scam, was asked, following a law enforcement raid in which her laptop was seized, to decrypt data on the device for use as evidence, potentially incriminating her. She pleaded the 5th Amendment protection against self-incrimination and refused to

EU – data breaches to be reported within 24 hours

In an escalation of the tendency to require companies to be forthright with their users following a breach, a European Union proposed bill intended to overhaul a 17-year old law is making progress. This week EU will outline the overhaul to the existing rules, hoping to encourage more expedient communication efforts following a breach, in

Anonymous and the Megaupload Aftermath: Hacktivism or Just Plain Ugly?

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet. The accuracy of those figures may be questionable, but

Beware of SOPA Scams

Tomorrow, on January 18, 2012, dozens of popular websites covering a diverse range of subjects will be blacking out their home pages in protest of the U.S. Stop Online Piracy Act (SOPA).  Some of these websites are well-known, such as the English language web site for the encyclopedic Wikipedia and quirky news site Boing Boing,

Zappos.com breach – lessons learned

We read that Zappos.com was breached on Sunday, to the tune of 24+ million users’ worth of information. But it seems at first blush they responded well. Of course, a company would hope to never have a breach at all, but when it happened at Zappos.com, here are some of the things they appear to