...today I'm waxing nostalgic about a piece of malware. Not one of those anniversaries that have filled so many blogs, articles and videos recently (happy birthday, dear Brai-ain....), but something that just popped into my mailbox...
Added 5th March 2011 to the Stuxnet resources page at http://blog.eset.com/?p=5945...
Added to the Stuxnet resources page at https://www.welivesecurity.com/2011/01/23/stuxnet-information-and-resources-3 on 4th March 2011: Ralph Langner at the TED Conference, as summarized by the BBC: US and Israel were behind Stuxnet claims researcher. As previously mentioned at https://www.welivesecurity.com/2011/03/03/nice-stuxnet-commentary-and-hype-deflation. (Hat tip to Mikko Hypponen. Again!) David Harley CITP FBCS CISSP ESET Senior Research Fellow
Recently Senator Schumer from New York wrote a letter (http://www.infosecurity-us.com/view/16328/senator-schumer-current-internet-security-welcome-mat-for-wouldbe-hackers/) to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide and https connection by default. This is important because with http connections you are exposed to risk
got a phone call from a gentleman with a pronounced accent wanting to help me with my virus problem ... You didn't know I had a virus problem? Neither did I, but he assured me that I was spraying malware all over the part of town I live and work in.
My colleague from ESET Ireland, Urban Schrott, reports that the company has seen a megawave of Facebook spams: five separate spams in 24 hours. I've no idea of the numbers involved, but Urban's "think before you click" message is well worth repeating. The post is to ESET Ireland's CyberThreats Daily blog post: the company also
WordPress.com is a popular blogging host. Recently, for unknown reasons miscreants launched a massive distributed denial of service attack (DDOS) against WordPress.com. According to TechCrunch (http://techcrunch.com/2011/03/03/wordpress-com-suffers-major-ddos-attack/) WordPress.com is responsible for 10% of the websites in the world. So far I have not seen anyone take responsibility for the attacks. With so many websites being hosted
...Hanging on the Telephone, By David Harley, Urban Schrott and Jan Zeleznak...As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you more about support scams...
Some extra resources: J. Oquendo takes a cold, clear look on Infosec Island at some of the hype that surrounds the Stuxnet story: Cyberterrorism – As Seen On TV While Visible Risk, while by no means entirely negative about the Vanity Fair Stuxnet story (see https://www.welivesecurity.com/2011/03/02/more-on-stuxnet), makes an entirely reasonable point about Irresponsible Sensationalism. I
...all the relevant malware they've seen uses exploits that are restricted to Android OS 2.2 and below...
Social Security Numbers: Identification is STILL not Authentication...
The February ThreatSense Report is now available...
George Santayana was a really smart philosopher. He is best known for his quote “Those who cannot remember the past are condemned to repeat it”. If you want to learn a little something from the past so as not to repeat other people’s mistakes then you can read Aryeh’s blog from when the first iPad
My colleague Aleksandr Matrosov today received an interesting sample of TDL4 from another of my colleagues, Pierre-Marc Bureau: this sample downloads and install another malicious program, Win32/Glupteba.D. This was the first instance he’d come across of TDL4 used to install other malware, and here’s his account of what he found. A sample of Win32/Olmarik.AOV was
At a time when Gartner estimates that we'll have downloaded 17.7 billion + mobile apps worldwide by the end of this year, I couldn't help thinking that Android users are likelier to pay for lax screening in the Android Market than users who are protected by reasonably strict application whitelisting. Well, it looks like that concern had some justification. There are a spate of stories today about >50 applications pulled from the Android Market
A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It
Facebook wants you to believe that you gave them your mobile phone number for security reasons and important notifications. The truth is that they wanted your phone number and your address to be able to share it more. The Huffington Post reports that Facebook is going to make your address and phone number available to
Unlike Windows XP service pack 2, which included significant security updates, or Windows XP service pack 3 which is required for support from Microsoft, Windows 7 service pack 1 does not have any significantly compelling updates for most users. If you do not regularly use automatic updates to keep your operating system up to date,
...there are reports of scammers spamming out solicitations for contributions to fake disaster relief funds, in the wake of the recent earthquake in New Zealand...
...Ontinet has been noticing lots of emails with links to forums. Following the links leads to a forum full of spam products, from replica watches to viagra...
