Research

Win32/Delf.QCZ:Trust Me, I’m Your Anti‑Virus

  Among the many different trojans that spread on Facebook, something popped up recently that caught our particular attention. The threat, detected by ESET as Win32/Delf.QCZ, is interesting for several reasons. Distribution First, let’s look at the distribution vector. Win32/Delf.QCZ relies on the old “fake codec/media player trick” and links to the malware-laden site are

Fix cybersecurity: Rent a cyber‑mercenary?

Citing the days of yore, when firms hired private security to protect their interests, General Michael Hayden, One of the architects of US foreign policy under George W. Bush, floats the idea of a sort of digital version of the oft-illustrious Blackwater firm (since renamed Xe); a modern day cyber rent-a-mercenary program for governments. He

Shady Business

We (AVIEN) devoted quite a lot of space to one Chinese operation, the NCPH group, in the “AVIEN Malware Defense Guide for the Enterprise”

Win32/PSW.OnlineGames.OUM : Part 2 – Data stealing

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006, it is amongst the most detected threats by ESET, taking the 7th position between January and April 2011. In our previous blog post,

Win32/PSW.OnlineGames.OUM – Part 1 : The update process

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular game titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006. This malicious software is amongst the most detected threats by ESET, taking the 7th position of the Top 10 most detected threats

Online piracy: Fight it like REAL pirates?

Fighting modern day piracy is something of a paradox; in an open system that allows freedom (good), scoundrels are also free to skulk around doing nasty things (bad). Various efforts have been made to pounce on evildoers, but it’s a game of whack-a-mole. When one has been thwarted, others pop up as variations on the

Where there’s smoke, there’s FireWire

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

Stuxnet and the DHS

In fact, the real interest of the document lies in the extensive overview (12 closely-typed pages without graphics and such) of the DHS view of its own cybersecurity mission.

Data breach insurance: Is it worth it?

So you bought insurance against a data breach. With all the potential loopholes and variables, is it worth the cost for the coverage required to handle a real-world scenario? That’s a tender subject these days at Sony. In light of their recent breaches, soaring near an estimated $180 million, it seems their insurance provider, Zurich

50 ways to hack a website

Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control

Come along, little doggy, come along

The most common malware technique for avoiding detection is to create loads of “fresh” variants. Actually, the component that changes so frequently is the packer – the outer layer of the malware, used by malware authors to encrypt the malware and make it harder to detect – whilst the functionality of the malicious code inside

Stuxnet: Broke Iranian nuclear centrifuges?

Or so the latest report from DEBKAfile states, claiming the Stuxnet worm broke numerous Iranian centrifuges by forcing them to overspeed, causing damage and prompting the replacement of some 5,000-6,000 units. They cite “intelligence sources” as the source of information. Whether or not this will be confirmed, it seems malware authors clearly are targeting political

Android apps: slow data leak?

With the proliferation of the data we hold on our mobile devices, it’s no wonder Neil Daswani, CTO of Dasient, says around 8% of the apps they tested have been leaking data. In a similar vein, he states, “The number of malware samples on mobile devices has doubled in the past two years.” Google tends

‘Anonymous’ NATO data breach?

2 days ago, the FBI announced a series of raids resulting in arrests of alleged members of the hacking group ‘Anonymous’. Hoping to deal a critical blow to the organization, they swept up more than a few potential members, and a tidy stash of computers to boot. So we’re done with ‘Anonymous’, right? Today, we

Rental laptops: We can SEE you

Finally scraped up enough money to rent a laptop? Turns out the rental company may be getting a little more of your information than you thought. Seems they have the ability to secretly turn on the webcam and take a look around, especially if they suspect shenanigans on your part, like maybe not returning their

FBI rounding up suspected ‘Anonymous’ group members

As of 1:20 EST today, The Atlantic Wire reports an FBI official has stated there have been raids and arrests of multiple individuals at multiple locations nationwide. Later reports from CBS/AP pegged the arrest number at 14, and report “FBI agents conducted raids at four New York residences as well as locations in California, New