December 23, 2010 - Do you imagine that the scammers hang up their stockings at Christmas, pour themselves a brandy and take a break from their money-making schemes? Well, think again. There are plenty of scams circulating right now on Facebook, for instance, designed (continue reading...) Read more
December 23, 2010 - A federal court in Minneapolis has heard accusations that a Texan man hacked his way into the systems of well-known ecommerce company Digital River, and stole more than a quarter of a (continue reading...) Read more
December 22, 2010 - Two different new zero-day exploits were published on December 22. Remote attackers could use these exploits to take complete control of a vulnerable system. Websense Security Labs is monitoring the situation, and we will update this blog post as we (continue reading...) Read more
December 22, 2010 - A remote code execution vulnerability against Internet Explorer was announced recently, and a proof-of-concept exploit has already been added to the Metasploit products. Microsoft doesn't (continue reading...) Read more
December 22, 2010 - This isn’t exactly a security post, although when things go wrong on electronic devices viruses almost always are suspected and blamed. Well, the truth is that sometimes it is a hardware problem. Many Kindle users complained of crashes. The Kindle has (continue reading...) Read more
December 22, 2010 - Have you ever watched a movie called "The Abyss?" Near the end of the movie there's a scene that I think is particularly relevant to this post. Our hero has to go 17,000 feet under the sea to (continue reading...) Read more
December 22, 2010 - Last Friday, Google announced a new warning for hijacked sites displayed within search results. The new warnings say "This site may be compromised". Such results represent legitimate sites that have likely been hijacked to host spam which redirect users (continue reading...) Read more
December 22, 2010 - Hello, Today we released Security Advisory 2488013 to address a public vulnerability that could affect customers using Internet Explorer 6, 7 and 8 if they visit a website hosting malicious code. Currently the impact of this vulnerability is limited (continue reading...) Read more
December 22, 2010 - Here in the Cyber Threat Analysis Center we’re starting to add video blogs. If the threat information I share doesn’t scare you, maybe my picture will This short video blog is about drive-by downloads. This (continue reading...) Read more
December 22, 2010 - @font-face { font-family: "Arial"; }@font-face { font-family: "Courier New"; }@font-face { font-family: "Wingdings"; }p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 6pt 0in; page-break-after: avoid; font-size: 12pt; font-family: "Times New Roman"; }p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph { margin: 6pt (continue reading...) Read more
December 22, 2010 - The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet By Joan Calvet, Carlton R. Davis, José M. Fernandez, Jean-Yves Marion, Pier-Luc St-Onge, Wadie Guizani, Pierre-Marc Bureau, and Anil Somayaji This paper, presented at the Annual (continue reading...) Read more
December 22, 2010 - Version 1.3 of the Stuxnet Analysis white paper is now available on the white papers page at http://www.eset.com/documentation/white-papers. Details as follows. Stuxnet Under the Microscope By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, December 2010 Summary: Version 1.3 (continue reading...) Read more
December 22, 2010 - During FOCUS10, we announced our Security Connected initiative as a way to get the enterprise one step ahead, breaking down the silos of security technology and processes. In January, we’ll dissect all the elements of Security Connected here on (continue reading...) Read more
December 22, 2010 - As feared, there has been some fallout after hackers stole a database of supporters from the controversial right-wing English Defence League (EDL). The Register (continue reading...) Read more
December 22, 2010 - Stuxnet continues to be a hot topic. Here's an updated set of Questions and Answers on it.Q: What is Stuxnet?A: It's a Windows worm, spreading via USB sticks. Once inside an organization, it can also (continue reading...) Read more
December 22, 2010 - Tenable Network Security is pleased to announce that SecurityCenter 4 has recently been validated by the National Institute of Standards and Technology (NIST) as conforming to the Security Content Automation Protocol (SCAP) and its component standards. As of December 16, (continue reading...) Read more
December 22, 2010 - A few weeks ago I posted a blog article about how scareware distributors are now using cold calling techniques. Many will quickly dismiss such tactics, believing only fools would fall victim (continue reading...) Read more
December 22, 2010 - A scam is spreading rapidly across Facebook, luring users into clicking on a link, using messages like the following: This American GUY must be Stoned to De@th for doing this to a GIRL: Other (continue reading...) Read more
December 22, 2010 - As a security professional, I'm generally happy to receive spam. Not directly into my inbox, of course, but into a special folder where I can look at it later. For, ah, research purposes only, you understand. Call me an old traditionalist, (continue reading...) Read more
December 21, 2010 - Forget WikiLeaks - Australia is currently embroiled in a data leakage saga of its own, dubbed "DickiLeaks". In short, the story is that a young woman has published (continue reading...) Read more