Tip of the hat to Bruce Dang and Dave Aitel for flagging an inaccuracy in ESET's Stuxnet report. And, indirectly, leading us to a blip in some PoC code which now looks even more interesting. (But that isn't going public yet.) The paper has been updated to remove the offending item. David Harley CITP FBCS
ResearchExpert content, for researchers by researchers
What a touching email. Mercy saw my profile and wants to know more about me. She even tells me “please don't forget that distance or color does not mean any thing,but love matters a lot”. What a sweet sentiment. Now I’ll show you the email and I think you’ll see what’s wrong with this picture.
Sure, iPhones are a lot more stable than Androids, but there is one place that Android has it all over the iPhone… you get to know what resources an app can access before you install it. This capability, coupled with comments on apps can really help you make better decisions about what you install on
Back in the early 1990’s I had a 386 with 4 megabytes of RAM and a very large 80 megabyte hard drive. That little 386 could do something an Android phone cannot natively do. I could do a screen capture and save it to a file. I thought that for some of my blogs on
This is the last segment in the series. To begin with, I have a question for you… What do you call a device that has a 1 gigahertz microprocessor, 512 megabytes of RAM, several gigabytes of solid state storage, runs programs, can be programmed, and can access the internet? Sound a bit like a Netbook,
...fake survey scam...
Larry Seltzer and David Phillips have kindly sent me the full text of the fake Adobe update messages I previously mentioned...
An email headed “ADOBE PDF READER SOFTWARE UPGRADE NOTIFICATION” has been spammed out recently: of course, it’s a fake, linking to a site that isn’t Adobe’s.
The Stuxnet analysis “Stuxnet under the Microscope” we published a few weeks ago has been updated...
Google translate is pretty cool, but they are missing a language. You can translate from Haitian Creole to Yiddish and from Galacian to Maltese, but you can’t translate from geekspeak to anything a regular person understands. The good part about this for me is that I have a job trying to do just that! David
...we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)
Surprised to find annual cybercrime damage spread somewhere between 300 million and 54 BILLION? So is the Director of National Intelligence. Today Brian Krebs of the Washington Post and Krebsonsecurity.com detailed a strong push for mandatory disclosure of cyber intrusion to include account hijacking and online identity theft.
It was a tough choice to choose a title for this post. I also considered “It ain’t necessarily so” for a title. This blog is aimed at our less technical users, but perhaps more technical users will find it useful as a teaching aid as well. Today I am going to teach you how to
And a giant step for users! While working on a blog soon to follow this I discovered a behavior in Windows 7 that Microsoft has changed to make a small, but meaningful improvement in security. For decades the bane of IT professionals has been users who double click on anything they can. This has lead
In the first two parts (Part 1, Part 2) of this series I discussed some of the privacy issues associated with Flash and also explained the configuration options that Adobe offers. If you are willing to go through the hassle of creating an mms.cfg file and maintaining it then you really do have the ability
Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity? Concerning Stuxnet’s latest rise in China, David
This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.
1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they
Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions. However, we have recently been the recipient of a very dubious honor; a rogue antivirus program which masquerades as our own software. The Rogues Gallery Rogue antivirus is a loose family of programs that claim to
In the first part of this blog I told you how to use the basic Flash configuration utility. This blog is for the techies. This time I’ll share with you how to shut the doors on Flash and only open them to the sites you want to trust. Very few people seem to know that