Research | WeLiveSecurity

Research

Expert content, for researchers by researchers

Research

VPN, SSL, and HTTPS

In response to my recent cookie theft blog a reader asked the following questions: What is VPN, what is SSL and what is the significance of https? What precautions can we take if we need to do Internet banking from a public computer, Internet café for example? VPN, SSL and https are all about encryption.

Let’s Pull the Wool Over Your Eyes

Recently a tool called “Firesheep” was released. Firesheep makes it so that virtually anyone can hijack Facebook, and some other accounts when they are being used on unsecured public wireless networks. Firesheep takes advantage of the fact that Microsoft, Facebook, Twitter, Yahoo, and scores of other companies really couldn’t care less about your privacy or

Why is Unsecured Wi‑Fi So Risky?

I’m sure that at some point you have listened to the radio. A signal goes out and all radios in range can tune in to the broadcast. WI-FI is essentially a radio signal that transmits and receives data. The access point and your computer exchange information, but all computers with wireless capabilities can receive the

Dr. Zeus: the Bot in the Hat

...behaviour like this has been observed in other versions of Zeus. The really interesting discovery in this case is associated with the way in which these samples search for logical devices attached to an infected computer....

Firesheep, Idiocy, Ethics and the Law

This isn’t a highly technical post by any means, but in a follow up I will explain some basics for less technical users and provide some information on protection. Recently a Firefox extension called Firesheep was released. Firesheep makes account hijacking easy enough that highly unskilled users can do it. Here’s how it works. A

The AMTSO subscription model: a clarification

The AMTSO press release about its newly announced cheap subscription model, which I previously referred to here, has been misunderstood in some quarters. I therefore tried to clarify the issues in my latest Security Week article: Once More 'Round the AMTSO Wheel of Pain. The article is also linked from the ESET white papers page.

Virus Bulletin Seminar

Our friends at Virus Bulletin are hosting a seminar later this month ... organized by the security-knowledgeable but vendor-agnostic magazine whose annual conference is one of the major highlights of an anti-malware researcher's year.

Boonana Threat Analysis

Our interim analysis of a version of the malware we detect as Java/Boonana.A or Win32/Boonana.A (depending on the particular component of this multi-binary attack) differs in some characteristics from other reports we've seen. The most dramatic difference is in the social engineering hook used in messages sent to an infected user's friends list. Other reports

NHS Security: a Retrospective View

...While there are those who think that I've been in the anti-virus industry since mammoths roamed the Surrey hills, most of my computing career has actually been in medical informatics, though as you might expect from what I do now, documentation, security and systems/user support played a large part most of that time....

Limewire Livewire

Clearly, the news about the demise of the Limewire service hasn't reached P2P Technologies yet, or, more likely, they're hoping it hasn't reached you...

Your Computer Won’t Protect You

You may have seen some headlines today about a New Java Trojan that attacks Macs. It turns out that it also attacks Windows and Linux users as well. The Trojan pretends to be a video on Facebook. A user gets a message asking “is this you in this video” with a link. Upon clicking the

I’ll Tell You How to Vote

A recent article at Time http://www.time.com/time/politics/article/0,8599,2025696,00.html details how an online voting system was hacked. The good news is that it was a public test and not a real election. The bad news is that real people’s information was able to be obtained. The “hackers” professor J. Alex Halderman and some of his graduate students from

Unencrypted Wireless: In Like a Lion, Out Like a Lamb

[C. Nicholas Burnett, the manager for ESET LLC's tier three technical support, contributed the following guest blog article on the FireSheep plugin for Firefox.  Thank you very much, Carl!  Aryeh Goretsky] The past several days have seen the security community abuzz about a program presented in San Diego at ToorCon 12 this last weekend called

Limewire, free software, and for‑fee membership

...there are a number of other potential risks from offers like this (as I've pointed out before) ... Paying for software that's actually free and for services that aren't worth the money ... Paying for software that turns out to be malicious ... Parting with credit card and other data that might be misused...

AMTSO: Members or Subscribers?

...one of the most interesting results is the approval by the members present of a planned low-fee subscription model which will enable individuals and small organizations to participate...

Stuxnet Under the Microscope: Revision 1.11

Tip of the hat to Bruce Dang and Dave Aitel for flagging an inaccuracy in ESET's Stuxnet report. And, indirectly, leading us to a blip in some PoC code which now looks even more interesting. (But that isn't going public yet.) The paper has been updated to remove the offending item. David Harley CITP FBCS

Scam of the Day AKA She Loves You Yeah, Yeah, Yeah

What a touching email. Mercy saw my profile and wants to know more about me. She even tells me “please don't forget that distance or color does not mean any thing,but love matters a lot”. What a sweet sentiment. Now I’ll show you the email and I think you’ll see what’s wrong with this picture.