OS X Lamadai: Flashback isn’t the only Mac malware threat
By Alexis Dorais-Joncas at 25 April, 2012, 6:27 am
The Flashback trojan has been all over the news lately, but it is not the only Mac malware threat out there at the moment. A few weeks ago, we published a technical analysis of OSX/Lamadai.A, the Mac OS X payload of a multi-platform attack exploiting the Java vulnerability CVE-2011-3544 to infect its victims. OSX/Lamadai.A has … Read More…
(No Ratings Yet)
Loading ...QR Codes and NFC Chips: Preview-and-authorize should be default
By Stephen Cobb at 23 April, 2012, 12:01 pm
What do printed QR codes and NFC (Near Field Communication) chips have in common, besides storing instructions that computers can read? They are both hackable and their ability to store and communicate computer instructions is bound to be abused, if not already, then sometime soon. This happens to every new means of communication; QR and … Read More…
(No Ratings Yet) Loading ...DNS Changer (re)lived, new deadline: 9 July 2012!
By Righard Zwienenberg at 21 April, 2012, 2:38 pm
As written in our “Password management for non-obvious accounts” blog post on February 22, the FBI confiscated the DNS Servers used by the DNS Changer malware and replaced them with different servers so that infected users would not be left without internet right away. Initially these replacement DNS Servers were to be taken offline on … Read More…
(No Ratings Yet) Loading ...How to recognize a PC support scam
By David Harley at 18 April, 2012, 1:45 pm
A while ago, I responded to a blog comment promising some thoughts on how to recognize a cold-calling PC support scam. Unfortunately, I wasn't able to do that immediately, and then I was on vacation with no Internet connectivity (I should do that more often!). But then, since the problem isn't going to disappear any … Read More…
(No Ratings Yet) Loading ...Phishing Using HTML and Intranet Security Settings
By Righard Zwienenberg at 16 April, 2012, 9:10 pm
Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later, … Read More…
(No Ratings Yet) Loading ...CeCOS VI: The Counter eCrime Operations Summit
By David Harley at 16 April, 2012, 2:35 pm
[Updated to repair a glitch in the registration link.]
I’ve had a long if intermittent association with the Anti-Phishing Working Group, going back to the early noughties when I represented the UK’s National Health Service there for a while, and subsequently as an individual member and through my association with ESET. Its focus has widened from … Read More…
(No Ratings Yet) Loading ...Fighting the OSX/Flashback Hydra
By Pierre-Marc Bureau at 13 April, 2012, 2:53 pm
The biggest Mac botnet ever encountered, the OSX/Flashback botnet, is being hit hard. On April 12th, Apple released a third Java update since the Flashback malicious code outbreak. This update includes a new tool called MRT (Malware Removal Tool) which allows Apple to quickly push malware removal code to their user base. The first mission … Read More…
(No Ratings Yet) Loading ...Pinterest security update
By Cameron Camp at 12 April, 2012, 5:26 am
We recently highlighted a security walkthrough on Pinterest.com, the pinboard style sharing website that’s taking the social media by storm. Since then, they’ve continued to grow, and continued to have accompanying growing pains common in organizations with rapid growth. Here we highlight ways they are adapting, changes they are making, and what it means to … Read More…
(No Ratings Yet) Loading ...Will of the WISP: Your company’s Written Information Security Program
By Stephen Cobb at 11 April, 2012, 6:41 am
Does your company have a written information security program? If not, you could be an easy target for cybercriminals AND end up on the wrong side of the law, regardless of where your company is located or what size it is. Which law? Something they passed about two years ago in the Commonwealth of Massachusetts, … Read More…
(No Ratings Yet) Loading ...Mac Flashback Trojan: If you use Java the time to patch your Mac is now
By Stephen Cobb at 5 April, 2012, 11:39 am
If you are a Mac user and you have Java installed on your Mac, then right now would be a good time to run Software Update… from the Apple menu to make sure you have installed the latest Java for Mac OS X update. Installing this update will help protect your Mac from a malicious … Read More…
(No Ratings Yet) Loading ...
