Research

Email malware: blast from the past

...today I'm waxing nostalgic about a piece of malware. Not one of those anniversaries that have filled so many blogs, articles and videos recently (happy birthday, dear Brai-ain....), but something that just popped into my mailbox...

Langner, Stuxnet, US and Israel.

Added to the Stuxnet resources page at https://www.welivesecurity.com/2011/01/23/stuxnet-information-and-resources-3 on 4th March 2011: Ralph Langner at the TED Conference, as summarized by the BBC: US and Israel were behind Stuxnet claims researcher. As previously mentioned at https://www.welivesecurity.com/2011/03/03/nice-stuxnet-commentary-and-hype-deflation. (Hat tip to Mikko Hypponen. Again!) David Harley CITP FBCS CISSP ESET Senior Research Fellow

Politicians Better at Security than Twitter, Yahoo, and Amazon

Recently Senator Schumer from New York wrote a letter (http://www.infosecurity-us.com/view/16328/senator-schumer-current-internet-security-welcome-mat-for-wouldbe-hackers/) to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide and https connection by default. This is important because with http connections you are exposed to risk

Here’s my support desk!

got a phone call from a gentleman with a pronounced accent wanting to help me with my virus problem ... You didn't know I had a virus problem? Neither did I, but he assured me that I was spraying malware all over the part of town I live and work in.

Facebook Spam: the Fifth Wave

My colleague from ESET Ireland, Urban Schrott, reports that the company has seen a megawave of Facebook spams:  five separate spams in 24 hours. I've no idea of the numbers involved, but Urban's "think before you click" message is well worth repeating. The post is to ESET Ireland's CyberThreats Daily blog post: the company also

WordPress.com Survives DDOS Attack

WordPress.com is a popular blogging host. Recently, for unknown reasons miscreants launched a massive distributed denial of service attack (DDOS) against WordPress.com. According to TechCrunch (http://techcrunch.com/2011/03/03/wordpress-com-suffers-major-ddos-attack/) WordPress.com is responsible for 10% of the websites in the world. So far I have not seen anyone take responsibility for the attacks. With so many websites being hosted

Nice Stuxnet Commentary and Hype Deflation

Some extra resources: J. Oquendo takes a cold, clear look on Infosec Island at some of the hype that surrounds the Stuxnet story: Cyberterrorism – As Seen On TV While Visible Risk, while by no means entirely negative about the Vanity Fair Stuxnet story (see https://www.welivesecurity.com/2011/03/02/more-on-stuxnet), makes an entirely reasonable point about Irresponsible Sensationalism. I

The iPad 2 is Not Free

George Santayana was a really smart philosopher. He is best known for his quote “Those who cannot remember the past are condemned to repeat it”. If you want to learn a little something from the past so as not to repeat other people’s mistakes then you can read Aryeh’s blog from when the first iPad

TDL4 and Glupteba: Piggyback PiggyBugs

My colleague Aleksandr Matrosov today received an interesting sample of TDL4 from another of my colleagues, Pierre-Marc Bureau: this sample downloads and install another malicious program, Win32/Glupteba.D. This was the first instance he’d come across of TDL4 used to install other malware, and here’s his account of what he found. A sample of Win32/Olmarik.AOV was

The Terrifying Android

At a time when Gartner estimates that we'll have downloaded 17.7 billion + mobile apps worldwide by the end of this year, I couldn't help thinking that Android users are likelier to pay for lax screening in the Android Market than users who are protected by reasonably strict application whitelisting. Well, it looks like that concern had some justification. There are a spate of stories today about >50 applications pulled from the Android Market

More on Stuxnet

A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It

Should You Install Windows 7 Service Pack 1?

Unlike Windows XP service pack 2, which included significant security updates, or Windows XP service pack 3 which is required for support from Microsoft, Windows 7 service pack 1 does not have any significantly compelling updates for most users. If you do not regularly use automatic updates to keep your operating system up to date,

From Russia with Spam

...Ontinet has been noticing lots of emails with links to forums. Following the links leads to a forum full of spam products, from replica watches to viagra...