ESET Threat Blog

[Updated to repair a glitch in the registration link.] 

I’ve had a long if intermittent association with the Anti-Phishing Working Group, going back to the early noughties when I represented the UK’s National Health Service there for a while, and subsequently as an individual member and through my association with ESET. Its focus has widened from … Read More…

 Here are some further thoughts arising from the ACPO National Cyber Crime Conference held recently in the UK*.

DAC Janet Williams, ACPO’s e-Crime lead, summarized the current initiatives along these lines (apologies if I’ve introduced too many of my own preconceptions):

The UK intends to tackle cybercrime and make this one of the safest places to do … Read More…

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer … Read More…

On Wednesday we heard additional documents had been leaked from the Arizona Department of Public Safety (DPS). “Will this ever end?” has to be the most commonly-asked question in Arizona nowadays at the DPS. The original attacks last week were claimed by the group LulzSec, which was making the rounds exposing private information through hacking … Read More…

Mt. Gox, the most popular Bitcoin exchange, has had a database compromised and user information stolen, sparking rapid devaluation and temporary exchange freeze to halt the slide. According to a Mt. Gox breach notification e-mail sent to users on June 19th:
“Our database has been compromised, including your email. We are working on a quick resolution … Read More…

Our colleagues Aleksandr Matrosov and Eugene Rodionov are tracking the evolution of TDL4 (also known as Win32/Olmarik). The following is a report on the latest TDL4 update, released last week.
In our previous blog post, we described how the latest Microsoft Security Update modified the Windows OS loader (winloader.exe) to fix a vulnerability that allowed the … Read More…

While the jury’s still out about whether the intent of the past month’s mass webserver breaches are fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure:

Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S … Read More…

TheJournal of West Virginia reported yesterday that 19-year-old Jonathan G. Parker was charged on Tuesday with felony daytime burglary. He’s alleged to have stolen two diamond rings worth more than $3,500, but to have taken some time out to access his Facebook account on the victim’s laptop.
If the report is correct, it seems that no sophisticated … Read More…