It seems a little strange to have the words "Facebook" and "privacy" in the same sentence in one of my blogs, yet it seems that Facebook CTO Bret Taylor testified at a Senate Commerce Committee hearing on mobile phone and internet privacy. But it turns out the story is about rather more than privacy: it's
ResearchExpert content, for researchers by researchers
Greetings Dear Reader, We have published guidance material previously on passwords and passphrases, some are blogs and some are lengthier depending on your liking (link & link). Even still it is always good practice to reinforce sensible password techniques. For this blog, I plan on sharing an analogous self-ritual, and one that relies on a
It's been a busy few weeks. Last week I was in Krems, Austria for the EICAR conference. The week before, I was in Prague for the CARO workshop (where my colleagues Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov did a great presentation on "Cybercrime in Russia: Trends and issues" – more information on that shortly),
In life one cannot reload a particular scene; however, in gaming one certainly can. This is an unfortunate time for Sony PlayStation and customers due to the recent breach. Anecdotal reports are now coming in that Sony PlayStation who opened up their gaming ecosystem recently has now potentially fallen to a password reset hack. This
Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.) To conform with EICAR's
There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise. This news cycle started by the Ulm University publishing some information on the 13th of May showing some results. I'm sure this story will develop and CTAC may follow-up to my blog with more details;
I'm a little late on this since I've been out of office for a few days, and only just picked up the relevant email. However, the Securing Our eCity Cybersecurity Symposium and IT Exec awards event is, I gather, happening right now and being tweeted live with the hashtag #SOEC . More information on the event
Another day, another Facejack attack. We see a lot of these sorts of scams, alluringly titled posts – typically with a promise to show you who has been visiting your profile (or infamously, video of Osama Bin Laden's death) – that try to get you to click to see some special content. The latest one
...35% of iPhone/Android users in the US interact with their smartphones before they get out of bed...
An article came out yesterday from Clement Genzmer who is a security engineer at Facebook. His tagline is "searching and destroying malicious links". Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to
I received an email from Comcast (my ISP) announcing their “Constant Guard™ Security Service”. Basically, if Comcast thinks a customer is infected with a bot they will email the customer and offer to help clean up the computer. The Constant Guard service claims to do a lot more too, but Comcast is quite ambiguous about
...I would suggest that you take any statement like "Grottyscan AntiVirus is best because it detects 200 million viruses" with a pinch of salt. Actually, a whole salt mine...
Our colleagues Aleksandr Matrosov and Eugene Rodionov are tracking the evolution of TDL4 (also known as Win32/Olmarik). The following is a report on the latest TDL4 update, released last week. In our previous blog post, we described how the latest Microsoft Security Update modified the Windows OS loader (winloader.exe) to fix a vulnerability that allowed
...AMTSO's members have approved a document that offers guidelines to vendors on ways in which they can make it easier to test products accurately....
For those of you who have just been itching to test drive the beta of ESET Smart Security version 5 or ESET NOD32 version 5 the beta is now available. Just head over to www.eset.com/beta and I am sure you can find it. As always, remember that this is beta code and use on production
CIPAV, the "Computer and Internet Protocol Address Verifier" spyware apparently used by the FBI to monitor activity on the computers of suspects, may not seem the hottest news item around: in fact, my friend and former colleague Craig Johnston and I put together a paper – Please Police Me – on the issues involved with policeware versus
April? Haven't we moved on from there? Well, yes, but ESET's ThreatSense report for April does include, apart from some information on the top ten threats for the month, a feature article by Urban Schrott on the far-from-dead 419 scam, some information on recent and upcoming events such as the AMTSO workshop (which I've just attended: much more information on
The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth. As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates
[NOTE: As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook. Click here to view their article in Spanish. We will follow up on this shortly. AG] The malware phenomenon started by the announcement of Osama Bin Laden’s death continues