News that the FBI has arrested the Florida man they suspect of criminally hacking into devices belonging to celebrities such as Scarlett Johansson and Christina Aguilera is welcome, definitely a win for law enforcement and society at large. But the good news comes with a warning. The technique used by the alleged perpetrator was to
ResearchExpert content, for researchers by researchers
...I've been seeing quite a few scrawny, toothless piranha mailed from email addresses that are often spoofed but invariably dubious like google.phishing.team@a_latvian_mail_provider.com...
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
...this isn't lawful interception, and it's not surprising that the AV industry has seen no reason to avoid detecting it...
On Saturday, another controversial report of a “government trojan” appeared. This time it is the German government that has been accused by the European hacker club Chaos Computer Club (CCC) of using “lawful interception” malware. Hence, “Bundestrojaner” (Federal Trojan), though that name is normally applied to the legal concept that allows German police to make
In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data
October is National Cybersecurity Awareness Month in America, which you probably know by now, what with President Obama's announcement and a whole host of related coverage from the Department of Homeland Security and other interested parties. Of course, one of the main messages of Cybersecurity Awareness Month is that we are all interested parties. When
“Operation Swiper” just busted the largest theft ring of its type in U.S. history. The $13 million dollar crime ring was exposed after a 2 year investigation by the New York City Police, primarily centering around selling Apple electronics overseas, according to Reuters. New York City Police Raymond Kelly said at a press conference “The
A new conference paper, two conference presentations, and an article for SC Magazine.
One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,
There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the
ESET would like to extend our sincere sympathies to the friends, family and colleagues of Steve Jobs. Steve was a true visionary, without whom the world of computing would be very different. If you have never seen Steve's Stanford University Commencement Address, you should, it's truly inspirational. The third point he makes is that we
Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb also posted a government-related incident in the health care sector. The timeframe of the study, starting in
Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm
On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common
Facebook's latest round of changes has prompted privacy concerns in many circles, including Capitol Hill. As reported by Byron Acohido in USA TODAY, numerous consumer groups have joined with several members of congress to call on the Federal Trade Commission–the FTC–to investigate "new sharing mechanisms designed to accelerate the collection and dispersal of information about
Virus Bulletin's annual conference is really one of the highlights of the year for the research community
...the finding that 52% of respondents felt that increased use by their employees of social media had resulted in an increase in attacks from malware seems to me both interesting and significant...
Actually $26, according to a study conducted by Argonne National Laboratory in Illinois, which was able to hack a Diebold voting machine with “about $26 and an 8th-grade science education.” In light of the rapidly approaching 2012 U.S. Presidential Election, it seems there may be a need to give serious attention to securing our election
You may have noticed a lot of excitement about Facebook's latest attempts to prune your privacy, and you'll probably see more commentary on this blog. Here's something a little different: a good old-fashioned chainletter that seems to be flourishing despite all its logical flaws. The story is at SC Magazine's Cybercrime Corner, to which I