ESET Threat Blog

Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later, … Read More…

An emerging information security threat highlighted this week by Róbert Lipovský, namely theft and abuse of digital certificates by malware creators, serves as a timely reminder that these certificates are highly valuable digital assets that should be accorded the highest levels of protection. If your company uses certs purchased from root authorities such as Verisign, … Read More…

Introduction

Facebook and Skype announced the launch of Video Chat on Facebook using the Skype platform.  Users must download the newest version 5.3 (although 5.5 beta is also acceptable).  If a person takes the plunge and installs the new version, logs in and grants Skype permission to one’s profile on Facebook then pay attention please.  The … Read More…

Introduction
LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy on … Read More…

Survey Reveals Chasm between Users’ Concerns and Behavior
A recent Survey commissioned by ESET and conducted online by Harris Interactive from May 31-June 2, 2011 among 2,027 U.S. adults 18+ found a startling disconnect between user concerns about privacy and security and their actions on social networking sites.
To start, the study found that 69% of online … Read More…

Our friends (and competitors) at Sophos blogged about a new threat that poses as a Windows Update and then infects unsuspecting users with a fake antivirus product.
The update appears to be very real and is tricking users. While my colleagues at Sophos offer excellent advice to help people protect themselves (as I believe we do … Read More…

Update: It seems like the initial article is inaccurate and that Paul Rellis never made any such comments about a 14 year old breaking into the X-Box live servers and have not offered to mentor him http://kotaku.com/5805742/microsoft-is-helping-an-xbox-live-hacker-develop-his-talent
TekGoblin reports (http://www.tekgoblin.com/2011/05/27/14-year-old-call-of-duty-hacker-hired-by-microsoft/) that a teenager who broke into the Call of Duty Modern Warfare 2 gameservers last month, … Read More…

Introduction
As the sun is setting and I breathe some of the night time air I am inspired to write about Facebook.  Yes, *the* Facebook, the third largest country if it were a physical place with boundaries under a common rule of law and government.  When many people use a service such as this, it bears … Read More…

What do these two topics have in common? More than you might think.
The obvious is that neither has arrived yet.
There is no proof of existence of either, you have to take it on faith.
Neither will be here tomorrow… take my word for that.
A story at http://www.reuters.com/article/2011/05/23/uk-linkedin-security-idUSLNE74M02820110523 explains how dreadfully poor security practices at LinkedIn can … Read More…

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to … Read More…