[NOTE: As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook. Click here to view their article in Spanish. We will follow up on this shortly. AG]
The malware phenomenon started by the announcement of Osama Bin Laden’s death continues unabated, … Read More…
One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or … Read More…
My latest blog for SC Magazine's Cybercrime Corner looked at the recent APT (Advanced Persistent Threat) attack on RSA, in the light of Uri Rivner's blog on the implementation of the attack.
Unfortunately, the exact nature of the target and damage remains somewhat obscure, so while I certainly consider Rivner's blog worth reading, I also found myself clarifying … Read More…
It is, as Aryeh Goretsky remarked to me recently in a slightly different context, almost like Old Home Week. He was referring to recent work by a number of luminaries formerly prominent in antivirus research like Eugene Spafford, Ken van Wyk, and even Fred Cohen.
But today I'm waxing nostalgic about a piece of malware. Not one of … Read More…
Here's a somewhat novel social engineering attack, flagged by John Leyden in The Register: a voicemail phishing scam (vishing, if you must) that threatens victims with heavy fines and even imprisonment as a result of their visiting the Wikileaks site. The attacker leaves a message including a number victims are supposed to ring to sort … Read More…
This is a (slightly edited) extract from the November ThreatSense Report, included here as it makes a very serious point about social networking,
Andrew Lee conducted a fun but disquieting thought experiment in the course of an amusing and informative presentation on user education at the recent Virus Bulletin Seminar.
Most security researchers have an innate distrust of … Read More…
This weekend, an unnamed worm forced Microsoft to temporarily suspend active links in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example, … Read More…
A day or two ago I put up a blog pointing to a number of resources relating to social media and privacy, primarily Facebook (and to a lesser extent Twitter).
One of the articles I mentioned there was Kevin Townsend's Talking privacy and Facebook with Alexander Hanff. Hanff is Head of Ethical Networks at Privacy International, and his thoughts … Read More…
The problem with preventing such scams is that social engineering is very lo-tech in nature, requiring little in the way of technical resources and investment. Scammers are relying on the victims naivety, to grant them access to their computer and credit card details, so there’s very little a security company can do to prevent them, … Read More…
No, I'm not casting aspersions about the acting ability of Ms Jolie.
Yesterday I blogged on the independent Mac Virus site about a threat making use of .MOV (movie) files. That blog refers to a report by Trend Micro's Marco Dela Vega that criminals are making use of the fact that Quicktime Player 7.6.6 allows movie … Read More…
- David Harley (741)
- Randy Abrams (431)
- Cameron Camp (111)
- Stephen Cobb (62)
- ESET Research (56)
- Pierre-Marc Bureau (51)
- Aryeh Goretsky (31)
- Andrew Lee (15)
- Jeff Debrosse (12)
- Robert Lipovsky (12)
- Paul Laudanski (11)
- Sebastian Bortnik (8)
- Dan Clark (6)
- Righard Zwienenberg (6)
- Sébastien Duquette (5)
- Tasneem Patanwala (3)
- Alexis Dorais-Joncas (3)
- Peter Stancik (2)
- Aleksandr Matrosov (2)
RSS
