There is an interesting and humorous work of fiction at http://www.appleinsider.com/articles/09/09/07/inside_mac_os_x_snow_leopard_malware_protection.html. Humorous as long as you don’t believe it! The article starts out saying “Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software”. That’s a nice layer of defense, but there are sites many sites
I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you
An interesting comment was made to my last blog on Snow Leopard, Mac malware and all that. I’ve approved the comment, but since people who read the blog earlier won’t necessarily go back to see what comments it’s attracted, I’ll answer it here, at more length. Mac User said that “Currently, the only way to get
I forwarded this to myself from another account yesterday because I thought it was one of the laziest 419 scam messages I’d ever seen. From: British Tobacco Company Sent: 27 August 2009 19:46 Subject: Contact Mr Paul Adams Congratulations! Your e-mail ID was among the selected lucky winners of £1,000.000.00 GBP in our BRITISH TOBACCO
Mac User has reported in a little more detail than I’ve seen elsewhere so far on the Trojan detection in Snow Leopard, quoting freelance OS X and iPhone developer Matt Gemmell. In fact, the meat of the story is Gemmell’s tweets, which state that:the system checks for only two known Trojans, RSPlug and iServices, and
I really ought to be working towards some really urgent deadlines, but I can’t resist a quick comment on the antimalware detection feature in Snow Leopard – darn, I’m going to have to upgrade to get a proper look at it – since several AV people, including our own Aryeh Goretsky have commented. I have
I feel like the learned judge in the ’60s who asked, in the course of a trial, “What is a Beatle?” since until recently I couldn’t have given you an accurate answer to the question “What is a Jessica Biel?” In fact, I’d probably have said something like “”Wasn’t she in Flashdance?” (The answer is
Mac security firm Intego blogged about Apple’s decision to include an antimalware component in Mac OS X 10.6 “Snow Leopard” and we agree that it is a good step, security-wise, to provide some basic protection against malware. Apple has long mocked Microsoft, up to and including this 2006 advertisement which implied there were no viruses
A number of new papers have been added to the white papers page: Cristian Borghello’s “Playing Dirty” is a translation of his original Spanish paper, available on the ESET Latin America web site, and describes in detail how criminals make money out of stealing online gaming credentials and assets. My paper Social Security Numbers: Identification is
This is part two of a recent email interview with a Turkish web site, with part one made available here for the benefit of those of us who don’t speak Turkish. I’ve done a little editing on parts one and two, primarily for cosmetic reasons. Question (4): What the golden rules for using the Internet with
Regular readers will be aware that, unlike many people in the security industry, people in this research team tend to be enthusiastic supporters of security education for end users, both inside and outside business: not as The Answer To Everything, not in terms of turning everyone who uses the Internet into a security expert, but
So, back in harness. I’ve been away for a couple of weeks: not on holiday as such, though I did take some days out, but concentrating on writing: it didn’t hurt that I didn’t have a full-strength internet connection to distract me, though. Before I left, I was interviewed by a Turkish security site. It
Perhaps I imagined it, but a few days ago when I allowed Firefox to update to fix security vulnerabilities my privacy settings were reset to less private settings. I had Firefox set to clear the history on exit, and prompt me. I also had it set not to accept third party cookies. After the upgrade
As I previously pointed out http://www.eset.com/threat-center/blog/2009/08/04/calling-adobe%E2%80%99s-bluff, Adobe is at best deceptive about claims of the security and privacy of Flash. Even if you do not know what flash is or how to find it, you probably have it on your computer. If you open control panel and go to the “add or remove programs” application
There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information, but actually related to a Trojan commonly called Delf or Doneltart. ESET is detecting the examples we’ve been seeing as a variant of Win32/TrojanDownloader.Delf.OZG. The messages generally look something like this (at least,
We’ve had reassuring responses from Slideshare about the recent problem with a malicious slide deck and the company’s timely removal of the malicious account. You can find these in the comments to the previous blogs on the subject, but as many people who saw the original blog won’t necessarily go back to check on comments,
You probably aren’t looking for trouble, but there’s a good chance you’ll find it when you search the internet. An article in Information Week http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218700239&cid=RSSfeed_IWK_All it was reported that the bad guys are trying to make sure their bad web pages come up when you search common terms on the internet. In this case the
No, nothing to do with drive-by downloads… Our colleagues in Europe came up with a nice idea: an article on the dangers of web surfing on free wi-fi and some tips on staying safe. (A topic dear to the hearts of all of us who find ourselves out and about with our laptops from time
We know that spam works: well, it works well enough for spammers to keep devoting time and money into pumping sewage into the arteries of the internet. The interesting question is why does it work? The Messaging Anti-Abuse Working Group (MAAWG), a global coalition of network operators and messaging providers who do some vital work
The results (released yesterday) from a study conducted by the Ponemon Institute yielded some interesting data points. The most visible of these was the finding that 85% of U.S. organizations experienced data breaches of varying magnitudes. This study, entitled “U.S. Enterprise Encryption Trends”, has completed its fourth annual publication. The data was directly obtained from
I recently read an article about Facebook security problems at http://www.securitymattersmag.com/security-matters-magazine-article-detail.php?id=411 in which some advice on passwords was given. Some of the advice was quite good, but some was a bit shaky. I’ll go through the tips and tell you what’s hot and what’s not! Use a combination of uppercase and lowercase letters, symbols, and