Google+ seems to be continuing building steam and putting itself on the map as a contender, not merely an also-ran to the Facebook behemoth. Part of its strategy is to enforce the use of real names, not just the more common online pseudonym. The logic goes that this will reduce the likelihood that cybercriminals might
ResearchExpert content, for researchers by researchers
Since 2010 that is, following a law enacted in 2007 that requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. Attorney General Martha Coakley’s office released the information, including a breakdown of the data. It seems her office received 1,166 data breach
I notice there's a flurry of articles around the "Stuxnet anniversary" and "After Stuxnet" themes...
...I didn't think I could let the recent flurry of publicity on Microsoft's disavowal of one of its Gold Partners because of their alleged implication in cold-calling scams...
The United States Attorney Office for the Southern District of New York received a flurry of attention in April, 2011 when they unsealed an indictment against the three largest Internet poker companies in the United States—Absolute Poker, Full Tilt Poker and PokerStars—for fraud, gambling and money laundering. Today, the USAO upped the ante with an
One of the recurring themes of the past few years in the UK is data lost by the public sector on USB drives, CDs and so on.
SSL isn't hopelessly broken, but the widespread use of TLS 1.0 means that SSL cannot be regarded as fully "secure"
Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including
Recently, we’ve noted a steep rise in Android malware and predicted the rise in banking malware, now we see another example in the wild, this time SpyEye. Trusteer has a good rundown on it, saying “It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform.
Internet scams are not new, and some of the strategies they use are not unique to the Internet, but there is no doubt that the Internet can provide a multiplier effect for people intent on defrauding others. I discovered a "good" example of this when I started looking for a place to live in San
Róbert Lipovský and I put our heads together and posted a joint article to SC Magazine's Cybercrime Corner on "Dead Certs?"
Following the recent spree of data breaches at Sony, resulting in a bevy of class-action lawsuits, it has updated the Terms of Service to preclude future class action suits from being leveled. To be sure, Sony has had sleepless nights following the breaches, but they’d prefer not to deepen the stack of lawsuits if similar
With all the recent headlines about data breaches, should your organization hire a “thief to catch a thief?” That’s a question Kevin Mitnick, sitting near the top of the hacker hall-of-fame for famous hack sprees in decades past, has been contemplating. He’s not alone – many companies are wondering the same thing. There is a
ESET has discovered a new version of the Delphi infector, Win32/Induc. Unlike its predecessors, however, this variant incorporates a seriously malicious payload and has acquired some extra file infection and self-replicative functionality. Two years ago, we published comprehensive information (here , here, and here) about the virus Win32/Induc.A, which infected Delphi files at compile-time. Though
With fantastic teeny model helicopters sporting mini hacked Linux platforms that long to take over your wireless network and wreak havoc, or so recent headlines would suggest. Now, we’re big fans of innovation, and technology on the go, but these pseudo-drones (built on the cheap, for the under-budgeted aspirer of wireless world domination) lack the
What happens after you share data online, and others re-share it, etc.? As data becomes increasingly inter-connected, with multiple parties touching the same data, Internet users are starting to wonder: who DOES have access to their data? Are they acting in your best interest? And who should be checking to make sure they do? The
ESET's August ThreatSense report is now available on the Threat Center page.
As you might expect, I don't by any means agree that AV is a dead parrot, though I'm not going to claim that it detects everything (or anywhere near that) either.
...the latest crop of malicious web pages to go up includes hooks such as "Bin Laden alive", "in depth details about the terrorist attack", "police investigation results" and "towers going down",...
The authors of Win32/Qbot (a.k.a. Qakbot) are back with new variants of this infamous malware, and this time the binaries are digitally signed. Qbot is a multifunctional trojan that has had some significant impact in the past. It has also been around a while, with the first variants dating as far back as spring 2007,