This is an impressive looking certificate isn’t it? You might think it means something significant, but then you might be wrong. How hard is it to pass the Internet and Child Safety Advocate certification test? Ask Hanna, a 9 year old (10 this weekend) girl who I met with her father at a local coffee
In an effort to deal with the security woes of .com websites, the U.S. Government has a solution: build a new “internet” around .secure instead. The problem? Apparently, people have too much freedom on the .com’s, allowing cyber-dirtbags to skulk around anonymously. This would aim to cure all that by requiring “visitors to use certified
With Facebook's launch of video chat powered by Skype underway and enabling a new level of communication on its platform, we take a look at permission settings and privacy options.
So who's to blame? First and foremost, the victimizers. Well, persistent victims, yes. And anyone in the security industry who pushes the TOAST principle, the idea that all you have to do is buy Brand X and you never have to take responsibility for your own security. Though, of course, "who's to blame?" is the wrong question: what matters is "how do we fix it?"
Cameron Camp just blogged about the announcement that Google is going to delete all private profiles at the end of July. This really wouldn’t be a big issue if it wasn’t for the fact that Google is as two faced as you get on privacy and has a history of neglecting user privacy, such as
Here's something I noticed today on the ESET Facebook page at http://www.facebook.com/esetsoftware. (There is, of course, also an ESET North America page at http://www.facebook.com/esetusa, but this is the European page. There are lots of local ESET pages too, too many to list here.) As Facebook continues to attract more pages and videos containing malware, we
Google, in an effort to get more squarely into the center of the social networking scene, is implementing a system where private profiles you may have created in Gmail will become public after July 31, or you risk account deletion. While the information on the profile that is made public will be limited initially, the
It’s no secret that spam/botnets are big business. There are a multitude of variations on a familiar theme, but after they trick unwitting users, what happens to the money? University of California wondered the same thing. In their recent report, “Click Trajectories: End-to-End Analysis of the Spam Value Chain” they analyze where the money goes,
It's something of a truism, that 'old viruses never die', and that certainly seems to be the case for some of the older, more widespread, email worms.
In a new twist on a familiar theme, legislation is being proposed to allow a court order to require providers to “shut off” websites deemed to be “dedicated to infringing activities.” This would allow websites to be shut down immediately, without any final court judgment of wrongdoing, or site owner notification. If the “PROTECT-IP Act”
On Wednesday we heard additional documents had been leaked from the Arizona Department of Public Safety (DPS). “Will this ever end?” has to be the most commonly-asked question in Arizona nowadays at the DPS. The original attacks last week were claimed by the group LulzSec, which was making the rounds exposing private information through hacking
At a time where the West is, generally speaking, not at the top of its game economically, I can see why defence contractors, like anyone else, are anxious to save money, but outsourcing critical systems purely for economic advantage in the hope of submitting the lowest tender is a risky strategy.
I don’t think there’s such a thing as an indestructible botnet. TDSS is somewhat innovative. It's introduced new twists on old ideas like P2P networks and hiding malware.
Al-Qaida appears to have had its web communications hit by hackers, thwarting its continued effort at updating the world about its activities. It appears that a good portion of their global web presence has been affected. A year ago a similar style attack halted their web communications. According to Evan Kohlmann from Flashpoint Global Partners,
Facebook recently launched a facial recognition feature that allows you and others to “tag” photos with your name. As has been the norm for Facebook, this “feature” is turned on by default and users must take their own initiative to limit, or turn it off. The implications are wide-ranging, so if you or anyone in
Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below. A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image The “Jaa” button is actually a “Share” button and will post the
Our friends at Threatpost have come across what they describe as a massive phishing attack against Tumblr users. It seems the lure of sexual content will work as many times as Lucy can pull the football out each time Charlie Brown tries to kick it. According to the article, hijacked web pages of Tumbler users
In a ComputerWorld article Gregg Kaiser cites a Microsoft engineer as saying that the trojan that Microsoft calls “Popureb” digs so deeply that the only way to eradicate it is to reinstall the operating system. If you read the Microsoft blog Feng didn’t actually say that this is the only way to eradicate the trojan.
A lawsuit being leveled against Sony relating to the recent breach activity alleges they skimped on security experts, laying off a batch of professionals prior to the events. The suit, seeking class action status, is being brought by Felix Cortorreal, Jimmy Cortorreal, and Jacques Daoud Jr., who claim they were directly affected by the data
The TDSS botnet, now in its 4th generation, is seriously sophisticated malware, which is why we've spent so much time writing about it: the revision of the paper The Evolution of TDL: Conquering x64 that will be up on the white papers page shortly runs to 54 pages and includes some highly technical analysis, including the detail on
