Archive for the 'Randy Abrams' Category
Way back in the 1990s, during the Q&A session after an EICAR presentation on social engineering, there was an animated discussion arising from some slides I'd included on password selection and usage. Some wondered why we were still discussing and promoting password strategies when there were (and are) better alternatives to static passwords.
ENTER PASSWORD:
Timeslip… Before you … Read More…
If you don’t remember the Rumble in the Jungle, it was a boxing match between George Foreman and Muhammed Ali. Back in 1974 names like Foreman and Ali were as famous as companies like Google and Facebook are now. Google, like the older Ali, has been taking punches in the early rounds of the … Read More…
An application written to allow integration between Facebook and Google Plus may be all you need to compromise your computer. According to a PCWorld report an application called Google+Facebook used a well known programming worst practice of downloading a JavaScript file upon launch.
If you aren’t real technical and don’t know what this means, I will … Read More…
I’ve been using Google Plus almost as long as it has been around, which is a sneaky way of saying I am a noob to it Frankly, at this point I do not see anything particularly novel or sensational. I just haven’t seen the killer feature that will vanquish the Facebook megalith, but … Read More…
This is an impressive looking certificate isn’t it? You might think it means something significant, but then you might be wrong. How hard is it to pass the Internet and Child Safety Advocate certification test? Ask Hanna, a 9 year old (10 this weekend) girl who I met with her father at a local coffee … Read More…
Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below.
A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image
The “Jaa” button is actually a “Share” button and will post the first … Read More…
Our friends at Threatpost have come across what they describe as a massive phishing attack against Tumblr users. It seems the lure of sexual content will work as many times as Lucy can pull the football out each time Charlie Brown tries to kick it.
According to the article, hijacked web pages of Tumbler users contain … Read More…
In a ComputerWorld article Gregg Kaiser cites a Microsoft engineer as saying that the trojan that Microsoft calls “Popureb” digs so deeply that the only way to eradicate it is to reinstall the operating system.
If you read the Microsoft blog Feng didn’t actually say that this is the only way to eradicate the trojan. In … Read More…
Survey Reveals Chasm between Users’ Concerns and Behavior
A recent Survey commissioned by ESET and conducted online by Harris Interactive from May 31-June 2, 2011 among 2,027 U.S. adults 18+ found a startling disconnect between user concerns about privacy and security and their actions on social networking sites.
To start, the study found that 69% of online … Read More…
Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work.
Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes, phishing … Read More…
- David Harley (769)
- Randy Abrams (437)
- Cameron Camp (102)
- ESET Research (61)
- Pierre-Marc Bureau (50)
- Stephen Cobb (46)
- Aryeh Goretsky (30)
- Paul Laudanski (17)
- Jeff Debrosse (14)
- Andrew Lee (13)
- Robert Lipovsky (10)
- Sebastian Bortnik (9)
- Dan Clark (8)
- Sébastien Duquette (5)
- Tasneem Patanwala (3)
- Peter Stancik (2)
- C. Nicholas Burnett (1)
- Andrea Kokavcova (1)
- David Carnevale (1)
RSS
