SC Magazine recently reported a malicious application in Google’s Android online market store http://www.scmagazineus.com/malicious-apps-found-in-googles-android-online-store/article/161001/. Due to the highly open nature of Android applications, this is going to probably be a huge problem. Here is the real irony. Many people will probably switch from Android to the iPhone because of the security concerns. Why is it
[Part 4 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Good Password Practice Use different passwords for your computer and on-line services. Also, it’s good practice to change passwords on a regular basis
You may have gathered from some of the blogs published here last year that i’m not biggest fan of the BBC’s “Click” programme. I regard the Beeb’s forays into buying botnets and stolen credit card details and making active use of them as at best naive. I agree that people need to be aware of such issues,
I recently received a couple of questions about malvertising in my askeset@eset.com. AskESET@eset.com is used only to field general security questions, I cannot and do not offer product support. Malvertising is a multi-compound word. Mal, in this case is short for malware, which means malicious software. “vertising” is the advertising portion of the word, so
OK, it isn’t quite that dire, but if you are using Windows XP Service Pack 2, support for that version of the operating system will end in July 2010. If you plan to stay with Windows XP a while longer then it’s a good time to upgrade to service pack 3 if you have not
It is public knowledge that the Italian Prime Minister Silvio Berlusconi was hit in the face which left him with facial injuries, a broken nose and several broken teeth. The video of the attack is circulating on the Internet but at this time, if you search for them on any search engine it is possible
[Update: I had a couple of machine crashes while I was writing this, and only just realized that a pointer to Allan Dyer’s excellent article at http://articles.yuikee.com.hk/newsletter/2009/12/a.html hadn’t survived to the final version. Which is a pity, because it’s very relevant, and well worth reading.] Over the weekend, I posted a blog on the AVIEN site
This blog is a bit of an oddity. ESET UK were approached by Dan Damon, a reporter putting together a piece about “the complications of a digital world when someone passes away”, asking if there was someone at ESET who would be interested in being interviewed for BBC1 radio on the subject. The request got
The first public beta for ESET NOD32 Antivirus for Mac OS X Desktop is now available. “Based on our technology for BSD, Linux, and Solaris servers, ESET NOD32 Antivirus for Mac OS X Desktop has evolved to provide a GUI and feature set similiar to ESET NOD32 Antivirus for Microsoft Windows.” http://beta.eset.com/macosx The first public beta
A few months ago Randy and I put together a white paper on password “good practice” (http://www.eset.com/download/whitepapers/EsetWP-KeepingSecrets20090814.pdf). In it, I quoted the following table of The Ten Most-Used Passwords (sourced from http://www.whatsmypass.com): 1 123456 2 password 3 12345678 4 1234 5 pussy 6 12345 7 dragon 8 qwerty 9 696969 10 mustang Today, I came
I wanted to share with you some more results from the cybercrime survey ESET commission and recently released. You can find the entire report at http://www.eset.com/company/CERC_Poll_2009_Oct.pdf. 57% of American computer owners now bank online, however the more money a person makes the more likely they are to bank online. 2/3rds of computer owners who earn
An Australian company claims to have launched a “virus-proof” computer. They even say “ A fast, easy to use, computer that never gets viruses, EVER !” and then on the same page say “In the rare event that you manage to catch a virus on your virus-proof computer, we will re-load both Zone 1 and
Cyber Monday is the Monday that follows Thanksgiving in the USA. This is said to be the busiest online shopping day of the year. Does that mean that there is more risk of cybercrime? The answer is yes and no. There is more risk simply because more people are shopping online so malicious web pages,
Recently I blogged (Once Upon A Cybercrime…) about a survey ESET commissioned which indicated that Mac users are victims of cybercrime as often as PC users. This finding was not the main point of the survey, but was an interesting finding. The survey is titled “Securing Our e-City National Cybercrime Survey” and was commissioned to
I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet. On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was
As usual, ESET has released its monthly Global Threat Trends Report, which will be available in due course at http://www.eset.com/threat-center/index.php. There are no surprises in the top five malicious programs, which have the same rankings as in the September report. Clearly, not enough people are taking our accumulated advice on reducing the risk from Conficker,
Specifically spear-phishing, where the target is deliberately selected, as opposed to a random untargeted attack. An article at Dark Reading.com discusses the entirely unsurprising results of a test that concluded that the iPhone, BlackBerry, and Palm have essentially no protection against spear-phishing attacks. http://www.darkreading.com/insiderthreat/security/app-security/showArticle.jhtml?articleID=221100150&cid=nl_DR_WEEKLY_T LinkedIn was used as the service to send a fake invitation
For many years banks and credit card vendors have accepted that there will be some amount of fraud and built those costs in to the operational model. The thinking goes that if the loss is small enough then it isn’t worth pursuing so they simply pass the cost on to the public through fee structures,
Oh brother, don’t tell me you fell for that one! All capital letters, lots of exclamation marks, the classic signs of bad news. Yeah, Halloween is around the corner and it is about time for the fake e-cards to make their rounds and the emails with links to “videos” that are not really videos at
[Update: I notice that at about the same time that I posted this, Sophos also flagged a blog reporting a somewhat similar fake update for Microsoft Outlook/Outlook Express (KB910721). The message is a lot different and links to a different site pretending to be Microsoft’s update site, but is clearly not to be trusted. So the
I was quoted last month in an article at PC Retail (http://www.pcr-online.biz/features/305/The-truth-about-cyber-crime), which is nice. However, I just came across the notes I made at the time of the original enquiry/interview, most of which wasn’t used, so here are my full responses to the questions Andrew Wooden asked, in case they’re of interest. (Actually, they’re slightly expanded and I’ve