Archive for August, 2007
Well, I said I wasn’t going to post each time the storm gang changes their tactics, however, perhaps I can use many of their ploys to teach anti-scam education.
The scum-scam du jour is an email asking you to beta test some software. One I saw went as follows:
————————————————————————————————
Would you consider helping us with your opinion … Read More…
Our heuristics have gotten pretty well tuned to the varieties of storm worms we’re seeing. We generally catch the new variants, but nobody is catching them all without incurring a significant false positive rate. There are probably some companies that would take issue, but when you block everything, including good, that counts as false positives … Read More…
Most of us were taught that most people are good and only a few are bad. This truism has carried over to computers where it is not applicable, especially in the case of email. It isn’t that there are more bad computer users than good ones though. Here’s how it works. If you have 100 … Read More…
Yesterday, we were shooting a report for a television network in Canada. Part of the report concerns the underground economy. We decided to connect to an Internet Relay Chat (IRC) server to see how much stolen credit card data is sold. While looking at the never ending flow of people announcing their PayPal, egold and … Read More…
Vulnerability in Yahoo Messenger that can potentially allow a remote attacker to hijack your PC if you accept a webcam invite. Of course, your friends are not going to exploit the flaw when they invite you to a video chat. The threat is when you get invites from untrusted sources. The obvious advice is to … Read More…
WARNING! The following post contains examples of humor and satire. If you do not find this funny there is probably a pill for that too.
We’ve seen Red Pill (http://invisiblethings.org/papers/redpill.html). We’ve seen Blue Pill (http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html). Today I read about Purple Pill (http://blogs.zdnet.com/security/?p=427) and so I have decided to pre-emptively warn you about Sugar Pill.
Sugar Pill is … Read More…
So the people at untangle.com decide to “test” anti-virus products in an effort to prove their dedication to open source zealousness. I’m not against open source, but if you want to promote it then be honest about it.
First untangle grabs a few samples of “viruses” that they know CLAM AV will detect. Unfortunately 1 out … Read More…
Ok, now I’m in trouble. It seems that about the time of my post about eVil eCards and eVites our sales department was just about to use an eVite. Actually, for their intended purpose an eVite may well be the right tool for the job. How’s that you ask? The answer is context and clear … Read More…

