October 31, 2009 - Sure we have heard a lot about bots and botnets. One key component of a botnet is the command-and-control (C&C) server, which as we know can come in several flavours (IRC, Web pages, newsgroups, custom servers, etc.). Yet, here comes (continue reading...) Read more
October 30, 2009 - On All Hallows Eve, spooky tricks and treats are abound. You will see all sorts of ghouls (princesses too!). But watch out for more than just ghosts and goblins this Halloween. If you live in Rio, New York City (continue reading...) Read more
October 30, 2009 - Defeating Zombies Attackers have a number of avenues leading directly into your network, and more importantly, into your data. Each week I read about new data losses, phishing scams and the release of hundreds of new vulnerabilities and (continue reading...) Read more
October 30, 2009 - The month of October in the threat landscape is often associated with scary social engineering tactics in time for Halloween. As in years past, the threats that lurk in and plague the current threat landscape (continue reading...) Read more
October 30, 2009 - We often associate Halloween with pumpkins and costumes but for cybercriminals it’s merely another avenue to exploit, steal, and trick users into giving away their personal identities. Treats are fun but we all need to be on the lookout for (continue reading...) Read more
October 30, 2009 - Last week, Christine noted that Patch Tuesday the 13th is approaching. In fact, it's tomorrow.This month's Microsoft Updates include 13 bulletins which fix 34 vulnerabilities. This is going to be a large number of (continue reading...) Read more
October 30, 2009 - Stephen Gately (of Irish boyband Boyzone fame) passed away on October 10th 2009.So here's what searching for news of his passing turned up:On (continue reading...) Read more
October 29, 2009 - Symantec Security Response has become aware of a Trojan Horse we detect as Trojan.Ramvicrype. The Trojan uses the RC4 algorithm to encrypt files on compromised computers, rendering them unusable. Presence of files with a .vicrypt extension is a sure-fire (continue reading...) Read more
October 29, 2009 - I recently had the chance to be interviewed by a student from the John's Hopkins University Information Security Institute. The questions cover a wide variety of topics including hacking trends, certifications, penetration testing, compliance and patch management. (continue reading...) Read more
October 29, 2009 - Posted by Pedram AminiRecently I presented a talk titled "Mostrame la Guita!" (regional Spanish for "show me the money") at Ekoparty in Buenos Aires, Argentina. The purpose of the talk was to provide transparency into the world of (continue reading...) Read more
October 29, 2009 - Visa just released its Cardholder Data Security Best Practices for VisaNet Processors. I think there are some things in this document that you as merchants can use, too. Here are a few examples with my comments/observations:Entities (continue reading...) Read more
October 29, 2009 - Today, we announced our Q3 2009 results to Wall Street and delivered McAfee’s 15th consecutive quarter of double-digit, year-over-year revenue growth. It was another “triple double” quarter—achieving double-digit growth in revenue, operating cash flow and non-GAAP earnings-per-share. In the (continue reading...) Read more
October 29, 2009 - While looking through some recent customer submissions a particular filename caught my attention. It was called “googlewaveinvitegenerator.exe”. Google Wave is a new communication application being developed by Google. Many people who missed the initial sign up for this application are (continue reading...) Read more
October 29, 2009 - I have previously blogged that some of the most common techniques scammers and cybercriminals use are news events and holidays. Balloon Boy and the Windows 7 Launch are good examples. My colleague Sam Masiello’s blog on President (continue reading...) Read more
October 29, 2009 - Earlier this week we talked about an emergency kit for your home, now it's time to focus on your car and how to be prepared for the unpleasantness of being stranded in a winter (continue reading...) Read more
October 29, 2009 - Trend Micro researchers found over 200 email samples that spamvertised male sexual enhancement pills. These bore subjects like “Re: Go wild in bedroom,” “Re: Let your lever straight up,” and “Re: Be her concrete-rod satisfier” and contains a URL that points (continue reading...) Read more
October 29, 2009 - Trend Micro threat analysts found several phishing sites registered in China that target specific people or companies. The said email can customize phishing URLs using the names of intended recipients via a technique called “spear phishing.” Spear phishing has been used by cybercriminals before (continue reading...) Read more
October 28, 2009 - I hope you will allow me this personal blog post, but I learned today that David Taylor of the PCI Knowledge Base passed away suddenly Tuesday. Dave was a friend and colleague. I was privileged to know and work (continue reading...) Read more
October 28, 2009 - There was a study done by the Berkman Center that said our kids are more likely to be hit by a car than be abducted by an online predator. The authors also reminded us that people worry about the (continue reading...) Read more
October 28, 2009 - A Blackberry application called PhoneSnoop was released recently, which resulted in an advisory from US-CERT. The application allows remote users to listen in on a Blackberry user’s surroundings. The application as seen (continue reading...) Read more