SSL: Threatened by a BEAST of Prey
SSL isn't hopelessly broken, but the widespread use of TLS 1.0 means that SSL cannot be regarded as fully "secure"
Research
Expert content, for researchers by researchersResearch
The Good News About Security and Privacy Breaches: An Opportunity to Learn
Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including
Android banking malware in the wild
Recently, we’ve noted a steep rise in Android malware and predicted the rise in banking malware, now we see another example in the wild, this time SpyEye. Trusteer has a good rundown on it, saying “It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform.
The Online Apartment Rental Scam, Fully Furnished With Multiplier Effect
Internet scams are not new, and some of the strategies they use are not unique to the Internet, but there is no doubt that the Internet can provide a multiplier effect for people intent on defrauding others. I discovered a "good" example of this when I started looking for a place to live in San
The Dirt on Certs
Róbert Lipovský and I put our heads together and posted a joint article to SC Magazine's Cybercrime Corner on "Dead Certs?"
Sony new Terms of Service – you can’t file a class action suit
Following the recent spree of data breaches at Sony, resulting in a bevy of class-action lawsuits, it has updated the Terms of Service to preclude future class action suits from being leveled. To be sure, Sony has had sleepless nights following the breaches, but they’d prefer not to deepen the stack of lawsuits if similar
Should you hire a hacker to prevent data breaches?
With all the recent headlines about data breaches, should your organization hire a “thief to catch a thief?” That’s a question Kevin Mitnick, sitting near the top of the hacker hall-of-fame for famous hack sprees in decades past, has been contemplating. He’s not alone – many companies are wondering the same thing. There is a
The Induc Virus is back!
ESET has discovered a new version of the Delphi infector, Win32/Induc. Unlike its predecessors, however, this variant incorporates a seriously malicious payload and has acquired some extra file infection and self-replicative functionality. Two years ago, we published comprehensive information (here , here, and here) about the virus Win32/Induc.A, which infected Delphi files at compile-time. Though
The drones are here for your wireless
With fantastic teeny model helicopters sporting mini hacked Linux platforms that long to take over your wireless network and wreak havoc, or so recent headlines would suggest. Now, we’re big fans of innovation, and technology on the go, but these pseudo-drones (built on the cheap, for the under-budgeted aspirer of wireless world domination) lack the
Who’s responsible for your online data?
What happens after you share data online, and others re-share it, etc.? As data becomes increasingly inter-connected, with multiple parties touching the same data, Internet users are starting to wonder: who DOES have access to their data? Are they acting in your best interest? And who should be checking to make sure they do? The
August ThreatSense Report
ESET's August ThreatSense report is now available on the Threat Center page.
RIP Anti-Virus (Again)
As you might expect, I don't by any means agree that AV is a dead parrot, though I'm not going to claim that it detects everything (or anywhere near that) either.
9/11: More Scams Upcoming
...the latest crop of malicious web pages to go up includes hooks such as "Bin Laden alive", "in depth details about the terrorist attack", "police investigation results" and "towers going down",...
Back to School Qbot, now Digitally Signed
The authors of Win32/Qbot (a.k.a. Qakbot) are back with new variants of this infamous malware, and this time the binaries are digitally signed. Qbot is a multifunctional trojan that has had some significant impact in the past. It has also been around a while, with the first variants dating as far back as spring 2007,
California data breach law – notification required over 500 consumers affected
According to a tweet from World Privacy Forum, California state governor just signed an update to a data breach notification law that would require organizations to submit a sample of the breach notification sent to customers also to the Attorney General, to ensure what’s being sent out, and that it’s sent out in a timely
Facebook bug bounty payout tops $40K
Facebook recently rolled out a program we thought was a good step, bounties paid to hackers to find and report bugs, rather than exploit them. So far that payout has totaled around $40,000, no small sum for the aspiring hackers, and probably a boon for Facebook’s efforts to proactively fix security issues before a potential
Responsible Disclosure and Fish Pedicure
Some of my favourite blog comments of the week: I’m surprised just how so many fish pedicure spas have sprung up in the uk without looking fully at the possible health risks to clients, or insuring against them. Yes, I've often thought the same thing, especially in the context of disclosure ethics and the issue
Android financial transactions on the rise – watch for malware
Awhile back we mused that the rapid rise in Android malware would hit its stride near the intersection of widespread mobile financial transaction use, and the continuing steep rise in adoption of the platform. Now we see AT&T, T-Mobile and Verizon entering a joint venture to back a payment service for, guess what: Mobile financial
Win32/Delf.QCZ : Additional details
At the beginning of this month, my colleague Robert Lipovsky posted an article on a new threat called Win32/Delf.QCZ, also known as Trojan.Badlib or Trojan.Win32.Miner.h. This threat caught the attention of others and additional information has since been added by fellow researchers on the blogs of Kaspersky and Symantec as well as on the H-Online
Irene – is that you (or a fake)?
So you get a Twitter tweet or Facebook notification from what “seems to be” a friend saying they have the latest information in the development of Hurricane Irene, if you just “click here.” When you do, you find that your “friend” might really be computer script from a distant land directing you to a fake