RSS Alerts
Click here...

Tag Cloud

BUSINESS VALUE Blackhat SEO hacking Web Security malware Compliance Rogue AV compromised sites

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

0
comments
Virus Alert! Twitter, Google, Hallmark and Others Subject To Attack
The eSoft Threat Prevention Team is warning customers today of a new email scam circulating very quickly.  These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as other social networks and legitimate businesses. The email persuades the user to open the attached ...
Posted 05 March 2010 by Patrick Walsh
tags: virus , bot , spam
0
comments
Making the Management of Security Compliance Easier!
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about how we can make it easier for our customers to manage compliance in the ...
Posted 18 February 2010 by Roger Halbheer
tags: Compliance , Policy
0
comments
Hotmail Users Look for Answers in Dangerous Places
An outage of the Windows Live ID service affected a large number of MSN users today, including users of the popular Hotmail email service. Hotmail is one of the largest web-based email outlets and not surprisingly news of the outage spread quickly as users were not able to access their email. Th ...
Posted 17 February 2010 by Patrick Walsh
tags: Blackhat SEO , PageRank Bomb , Rogue AV , Fake AV , Rogue Anti-Virus
0
comments
IRS Tax Avoidance Scam
Today, eSoft is alerting customers to a new targeted email scam. This newest twist to the common IRS email scam seems to be targeted to organizations, notifying the recipient of a tax evasion complaint being filed against the company. Opening the file infects the user's machine with dangerous t ...
Posted 08 February 2010 by Patrick Walsh
tags: Fraud , Virus , Malware , Scam
0
comments
Fake Firefox Update Pages Push Adware
Since its’ release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the prog ...
Posted 03 February 2010 by Patrick Walsh
tags: firefox , adware , web security
0
comments
SPAM! Well, it's finally caught up with me - as confirmed by the research
I have lots of email addresses, but there's one that I use as the main catch all one, it’s the one I usually give to most people, and it's the one account I like to clean and clear out regularly. Because it is the most publicised one of all my many accounts, it's the only one that I receive SP ...
Posted 02 February 2010 by Sarb Sembhi
tags: not tagged.
0
comments
I've been hacked - Give me back my money
I recently read a story where a business bank customer had $800K stolen from her business account, and although the bank has been able to recover $600K, there is still the outstanding $200K. The customer is claiming that the bank lacked good security, and the bank is claiming that it had good securi ...
Posted 02 February 2010 by Sarb Sembhi
tags: not tagged.
0
comments
Super Bowl associations: football, nachos, big screens and … malware?
The Super Bowl is the one of the biggest and most watched television events of the year in the United States. People everywhere scour the internet looking for predictions, gambling spreads and news before the event and scores, stories and clips after the event. In anticipation of the increased ...
Posted 19 January 2010 by Patrick Walsh
tags: Blackhat SEO , PageRank Bomb , Web Security , Rogue AV , Google Search
0
comments
Lack of Egress Filtering Spurs Success of Injected IFrame Attack
The security community at large and the eSoft Threat Prevention Team have recently noticed an uptick in sites compromised by a new injection attack that results in an injected iframe. This attack can be recognised by its attempts to masquerade the malicious script as GNU, GPL or LGPL.  GPL and ...
Posted 18 January 2010 by Patrick Walsh
tags: Web Security , Injection Attack
0
comments
MTaS: Malware Testing as a Service
Well, in my last post I wrote about the prices for malware. Today I read the next evolution of this: The possibility of having malware tested against anti-malware tools – not to make sure malware is really recognised, no, the other way round: To make sure it is not recognised. I read this art ...
Posted 05 January 2010 by Roger Halbheer
tags: not tagged.
0
comments
The Cybercriminal’s Wish List
I know that Christmas is over and I know how my kids actually compile a Wish List: They take most of the ads (which are targeted to them) and glue them onto a piece of paper for mum and dad to make sure that everything can be found under the Christmas tree… I guess you know the drill. If you ...
Posted 01 January 2010 by Roger Halbheer
tags: not tagged.
0
comments
Live.com Exploited as Pharma-Fraud Cover
The FDA crackdown on online pharmacy sites has driven a lot of attention to illegal and fraudulent online pharmacies and in particular to their methods for tricking people to visit their sites. These practices include prolific spam and search engine poisoning. eSoft’s Threat Prevention Team h ...
Posted 23 December 2009 by Patrick Walsh
tags: Spam , Fraud , Pharma-Fraud
0
comments
Boeing 787 searches hijacked by rogue anti-virus
Today, the Boeing 787 Dreamliner jet completed its much awaited first flight. As users searched to find videos and news articles related to the story, blackhats quickly moved in for yet another attack against Google search results. The most popular search for several hours today was “787 fi ...
Posted 16 December 2009 by Patrick Walsh
tags: Web Security , Rogue AV , Google Search , Blackhat SEO
0
comments
Beware of MySpace JPG File Downloader - GTALK Messenger Infection
The malware infection attack surface is increasing day by day. Recently, some of the infected machines with different malware classes such as file downloader are using GTALK for downloading JPG based files from the internet. Actually this file is not a JPG file but a zipped file that contains an ex ...
Posted 15 December 2009 by Aditya K Sood
tags: Malware , Messenger
0
comments
CIO required - security background essential
Normal 0 false false false EN-GB X-NONE X-NONE ...
Posted 11 December 2009 by Sarb Sembhi
tags: programming background , security professionals , security background , CIO
0
comments
Dedicated Spamming - NING House of Hackers Network
The internet world has become a playground for spammers. Every day there is a new attack pattern. You will find one or another social networking website facing this problem. The reason for this trend is the centralised working of these websites. The interconnection among identities have helped the s ...
Posted 11 December 2009 by Aditya K Sood
tags: WEB , Spamming , Ning , hackers , spam
0
comments
Get Safe Online: Don’t be a Money Mule
You know, there are people who blog late, there are people who blog very late and then there is me… I actually missed that one even though I was triggered: Mid November there was the Get Safe Online Week 2009 in the UK. Usually they do really good stuff and this is the reason I usually blog ...
Posted 04 December 2009 by Roger Halbheer
tags: Consumer
0
comments
Reverse Honey Traps - Beating Online Anti-virus Engine in its Own Game
The web is ever changing arena. Online anti-virus engines provide a diversified functioning of analysing a malware executable thereby providing efficient analysis. This is an online democracy of anti-virus engines. But every positive entity can be transformed into a playground and players can be be ...
Posted 25 November 2009 by Aditya K Sood
tags: Antivirus , Honeytraps , Web
0
comments
Blackhats Unleash Fake Blog Campaign Spreading Rogue AV
In September, eSoft reported as many as 720,000 compromised sites hosting fake blog pages and being used to distribute rogue anti-virus programmes. Many of these sites are still active and continue to plague searches with malicious results. Earlier today, Cyveillance issued this report of a nearl ...
Posted 18 November 2009 by Patrick Walsh
tags: web security , compromised sites , rogue AV , malware
0
comments
CoolerEmail Hit by Phishing Scam
CoolerEmail is notifying customers of a new phishing scam used to steal login credentials. The web based email marketing programme carries an impressive client list including Walmart, Toyota, Pepsi and dozens of other big name brands. Any phished credentials can be used to impersonate these companie ...
Posted 13 November 2009 by Patrick Walsh
tags: Phishing , Web Security
1
comment
Ten Computer Hacks In The Movies
Some of the most successful blockbuster films released in the last two decades have been themed on the potential destruction that computer hackers can cause. Here are some of Hollywoods top hacking themed movies. Swordfish A secretive renegade counter-terrorist co-opts the world's greatest hac ...
Posted 29 October 2009 by Slack Alice
tags: movie computer hackers , hacks in the movies , hacking in films
0
comments
Compromised Web Servers Host Koobface Malware Cocktail
The Koobface gang has struck again using compromised web servers to deliver a potent mix of malware. eSoft threat researchers have found hundreds of newly exploited sites hosting malware which includes downloaders, keyloggers and multiple variants of the Koobface worm. Attackers using compromised ...
Posted 21 October 2009 by Patrick Walsh
tags: Web Security , Koobface , Social Networking , Social Engineering , Compromised Sites
0
comments
Unresolved Compromised Fox Sports Host Heading Into Third Week
eSoft first detected a compromise on the Fox Sports website two weeks ago and as of today, at least one Fox Sports host continues to contain automatic links to a multitude of dangerous exploits.  Even with media coverage and direct emails, this compromised host has not be taken offline or clean ...
Posted 17 October 2009 by Patrick Walsh
tags: Compromised Sites
0
comments
AJAX-JSON - Inside Crux
The development is occurring at a rapid pace. The innovation is going on. The web is transitioning from the web 1.0 to web 2.0. The implementation structures of various technologies have changed. The Web 2.0 has revolutionized the web in a stringent manner from all the perspectives. The Asynchronous ...
Posted 13 October 2009 by Aditya K Sood
tags: AJAX , JSON , Web 2.0
0
comments
Recapping the Fox Sports Website Compromise
On October 2nd eSoft published a blog warning visitors of the Fox Sports website about compromised pages with the potential to serve malicious software. To date, the threat remains on their website despite direct warnings to Fox Sports webmasters and domain contacts of the infection. This website ...
Posted 09 October 2009 by Patrick Walsh
tags: Compromised Sites , Web Security
3
comments
Web 2.0 – Truth and Lies in AJAX World
Web 2.0 has metamorphosed the complete scenario of internet. In the AJAX world, most of the working functionality is derived by efficient technology methods and ingrained software dependency. In order to scratch deep down the bottom the differential aspect of this technology must be understood. The ...
Posted 08 October 2009 by Aditya K Sood
tags: AJAX , JSON , WEB 2.0
0
comments
The Africa Cable – A Chance for Africa! – A Threat for the Internet?
The development in Africa especially with the new broadband services to me is a huge chance for the whole continent. I just found a map (Image 1) on the next two years. Even though I have not been in Africa over the last few months, I heard that in different cities fiber is brought directly to the ...
Posted 07 October 2009 by Roger Halbheer
tags: Trends , Broadband
1
comment
Why Linux servers are more secure than Windows
The Linux/Windows debate is an oldie but a goodie, and there have been many long threads on most computer related forums discussing their relative merits. Linux is free, open-source and community based. Windows is expensive, professionally developed and has effectively held a monopoly over the sof ...
Posted 06 October 2009 by Slack Alice
tags: linux , it security , microsoft windows , servers
0
comments
Your password isn't safe - take this simple test to find out how many minutes it would take to crack
There's a well-known saying in information security that the weakest part of any computer system is the person using it. One area where this becomes abundantly clear is in the use of passwords. Allowing users to choose their own passwords can be fatal, with most people not having the first clue abou ...
Posted 06 October 2009 by Slack Alice
tags: online security , passwords , hacking
0
comments
When hacking is legal
The Merriam-Webster dictionary gives two different definitions of “hacker” related to computer security. A hacker is either “an expert at programming and solving problems with a computer” or “a person who illegally gains access to and sometimes tampers with information ...
Posted 06 October 2009 by Slack Alice
tags: hacking
0
comments
Why retina scanning works better for James Bond than it ever would for us
Since the late 80s retinal scanning has been featured in a whole bevy of sci-fi and action films. It's been the security system of choice for some of the silver screen's top spies: James Bond used it in GoldenEye and Ethan Hunt in the Mission Impossible movies. As a result, whilst retinal scanning m ...
Posted 06 October 2009 by Slack Alice
tags: retina scanning , james bond
0
comments
Which famous Twitter accounts have been hacked?
Early in 2009, Twitter suffered two major security lapses. Once when a wave of highly successful phishing campaigns were successful in obtaining a lot of Twitter passwords, and then again when an 18 year old hacker and student of computer games development brute-force'd an administrator account. In ...
Posted 05 October 2009 by Slack Alice
tags: twitter , hacking , barack obama
0
comments
Thoughts on the registered traveler programmes at airports
When I entered the US this time, I got a brochure on how I could avoid the line at immigration and just get a fast track by registering with the Global Entry Program, a programme, which would pre-screen me and then I just have to register with a machine by entering the US. As I understand, this is a ...
Posted 30 September 2009 by Roger Halbheer
tags: Privacy , Processes
0
comments
Hey, You, Get Off of My Cloud
I recently had different discussions with different customers and we were looking into the key questions to ask, when you plan to move to the cloud (yes, I am working on a corresponding blog post). I was then asked whether we have an answer to these questions – well no. For sure not for a ...
Posted 27 September 2009 by Roger Halbheer
tags: Cloud Computing
0
comments
Why it pays to be secure - Chapter 2 - Vulnerabilities
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. http://www.microsoft.com/security/portal/sir.aspx Updatin ...
Posted 23 September 2009 by Roger Halbheer
tags: Business Value
0
comments
Moving to the Cloud: Where it worked and where I was challenged
I am running a whole environment at home to experience our technology. However, up to now it was all “on premise”, no Cloud integration. This has to change. Therefore I was more than happy to join our internal  Hosted Exchange 14 beta program. We are offering the hosted Exchange pro ...
Posted 21 September 2009 by Roger Halbheer
tags: Cloud Computing
0
comments
Microsoft SDL Team Releases New Security Testing Tools
I often mention that we try to give you all the tools we have as long as it makes sense form a risk perspective. The risk perspective is a simple one: If we give it to you as our customer, we give it as well to the criminals. There are two new tools which just made the bar and which are now release ...
Posted 16 September 2009 by Roger Halbheer
tags: Development
3
comments
H1N1 (Swine) Flu Preparedness - Guide for Critical Infrastructure and Key Resources
This morning I stumbled across a guide by the US Health & Human Services with regards to H1N1. Even though it did not catch much news lately I am not sure whether it is really over. Staying prepared it definitely not a bad thing. Even though it is US-centric, you should probably look into it: ht ...
Posted 16 September 2009 by Roger Halbheer
tags: Incident Response
0
comments
French mobile data, VPNs and email
Just got back from a 10-day holiday in Paris, which was great, apart from the fact that, as many IT professionals will understand, you still need to stay on top of your email. I could have taken my trusty Blackberry, but since my journalist's job involves a lot of web surfing, I really needed a not ...
Posted 14 September 2009 by Steve Gold
tags: BUSINESS VALUE , AUTHENTICATION , VPN
0
comments
Why it pays to be secure - Chapter 1 - Data Breaches
In my first post here, I opened the field for a series on “Why it pays to be secure”. As I told you there, Henk van Roest, our Security Support Program Manager in EMEA kicked this off for internal training. Let’s return to the theme of deploying security updates once more, we need ...
Posted 14 September 2009 by Roger Halbheer
tags: Compliance , Policies , Business Value , Processes
0
comments
Why it pays to be secure
You might all know that feeling: You need money to finance security activities and you are asked why this money shall be invested. And then we start to argue that if we do not do it – bad things happen. These are questions that myself and our support get often. That was the reason why we start ...
Posted 11 September 2009 by Roger Halbheer
tags: Processes , Policies , Business Value , Compliance
View the RSS feed for this blog »
Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water