ESET Threat Blog

Way back in the 1990s, during the Q&A session after an EICAR presentation on social engineering, there was an animated discussion arising from some slides I'd included on password selection and usage. Some wondered why we were still discussing and promoting password strategies when there were (and are) better alternatives to static passwords.
ENTER PASSWORD:

Timeslip… Before you … Read More…

Introduction

Facebook and Skype announced the launch of Video Chat on Facebook using the Skype platform.  Users must download the newest version 5.3 (although 5.5 beta is also acceptable).  If a person takes the plunge and installs the new version, logs in and grants Skype permission to one’s profile on Facebook then pay attention please.  The … Read More…

Introduction
LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy on … Read More…

…or staying in touch with CTAC (the Cyber Threat Analysis Center), whose personnel are mostly responsible for the content of this blog.
A couple of weeks ago I mentioned various ways in which you can keep track of what the CTAC team is up to, but if you're a Facebook user, you might want to try the … Read More…

Released today in PDF format, a highlight of our global threat report covers:

Don’t be silly online, please

Facebook privacy: security concerns

Cybersecurity symposium in San Diego

Return of the password reset attack

The Top Ten Threats

Top Ten Threats at a Glance (graph)

Be sure and check out our previous threat reports.

Figure 1: Top 10 ThreatSense.net May 2011

For further details, please … Read More…

Android Smartphones are under attack again by rogue applications that once installed are reading information from the phone and sending it back to a pre-assigned location. According to mobile security firm as many as 120,000 users may have been infected from a cafeteria selection of at least two dozen applications from the Android Market.

“Once installed, … Read More…

Over the past couple of years rogue online pharmacies have been advertising their domains on search engines and promoting themselves through search engine optimization.  Legitimate pharmaceutical companies have their own measures in place to work on taking these sites offline.  The problem with rogue online pharmacies is that they do not meet federal regulations.  To … Read More…

In an unfortunate series of events related to the RSA SecurID technology, reports are coming in that Lockheed Martin's networks have been broken into by unknown perpetrators.  Jim Finkle and Andrea Shalal-Esa broke an exclusive story and reached out to folks in the industry to get to the truth.

"They breached security systems designed to keep … Read More…

Introduction
As the sun is setting and I breathe some of the night time air I am inspired to write about Facebook.  Yes, *the* Facebook, the third largest country if it were a physical place with boundaries under a common rule of law and government.  When many people use a service such as this, it bears … Read More…

Recent additions to SCMagazine's Cybercrime Corner blog include:

"Password strategies: Who goes there?" by David Harley, May 23, 2011
Password selection usually involves compromise, but even a short password can be reasonably strong and still memorable. This follows up at some length on a previous ESET blog by Paul Laudanski.
"Fighting cybercrime" by Randy Abrams, May 23, 2011
If … Read More…