http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2012-09-11 18:50:56 - The AVIEN Blog : Here are some recent unedited comments to one of my ESET articles on support scamming The latest comments to How to recognize a PC support scam include three particularly interesting comments The first includes a couple of phone numbers that might be worth investigating The second indicates an oddity as regards the scammer s caller ID, and http://www.secuobs.com/revue/news/398953.shtmlhttp://www.secuobs.com/revue/news/398953.shtml Secuobs.com : 2012-08-28 08:16:13 - The AVIEN Blog - Report received via the ESET blog of a scam call using the ASSOC and Event Viewer ploys scammer used the name Alex Parker, and said his company was Creative Solutions Online creativesolutionsonlinenet Whocallsmecom came up with a number 4034563615 used by scammers claiming to represent the same company, or for Windows Internet Office address given http://www.secuobs.com/revue/news/396175.shtmlhttp://www.secuobs.com/revue/news/396175.shtml Secuobs.com : 2012-08-24 21:47:30 - The AVIEN Blog - More about PC support scams First, here s a somewhat free translation of part of an article at http wwwwaarschuwingsdienstnl Risicos Actuele dreigingen Softwarelekken WD-2012-069 Malware besmetting infecteert office bestandenhtml that describes the support scam gambit described in Dorifel Quervar the support scammer s secret weapon whereby victims in the Netherlands, where Dorifel is somewhat prevalent, have been rung by scammers offering help with removal of the virus By http://www.secuobs.com/revue/news/395631.shtmlhttp://www.secuobs.com/revue/news/395631.shtml Secuobs.com : 2012-08-21 09:43:57 - The AVIEN Blog - more info from readers of ESET s Threatblog on globalpchelplinecom, IPC Support, and Online Tech And did you know that your motherboard has a CLSID No, it doesn t David Harley http://www.secuobs.com/revue/news/394788.shtmlhttp://www.secuobs.com/revue/news/394788.shtml Secuobs.com : 2012-08-09 23:17:02 - The AVIEN Blog - It occurs to me that I haven t flagged here a couple of updates to the scam resources page that I ve made this month Misrepresenting System Utility Output 6th August Support Scam Anna-lytics and a very dodgy phone number 9th August 2012 I need to put in some anchors to those sections, but at the moment http://www.secuobs.com/revue/news/392727.shtmlhttp://www.secuobs.com/revue/news/392727.shtml Secuobs.com : 2012-07-15 15:36:25 - The AVIEN Blog - I haven t updated the scam resources page on the AVIEN blog site since November 2011 Mea Culpa However, that doesn t mean I haven t been beavering aways at raising awareness of this scam among readers of my blog, the security industry, and not least law enforcement So I ve finally got around to updating the page Firstly, I ve http://www.secuobs.com/revue/news/387351.shtmlhttp://www.secuobs.com/revue/news/387351.shtml Secuobs.com : 2011-12-02 16:49:20 - The AVIEN Blog - Well, that s not particularly unusual in itself, except that it s been flagged by the Internet Storm Center as a happening right now and b escalating somewhat dramatically in fact, it appears to resemble the lizamoon attack which was reported as affecting around a million sites earlier in the year According to Mark Hofman, if you re in http://www.secuobs.com/revue/news/345039.shtmlhttp://www.secuobs.com/revue/news/345039.shtml Secuobs.com : 2011-11-30 13:45:21 - The AVIEN Blog - Having been blogging this topic for quite a while, I figure this might be a good time to highlight some of the snippets of information that people have posted on some of those blogs as the comments I quoted were all to ESET articles, I ve posted that information on the ESET blog too, in Support-Scammer Tricks, but http://www.secuobs.com/revue/news/344559.shtmlhttp://www.secuobs.com/revue/news/344559.shtml Secuobs.com : 2011-11-09 20:04:47 - The AVIEN Blog - In the wake of a blog I posted today at ESET, on my perennial warhorse of support scams and cold-calling, I ve been talking to Martijn Grooten of Virus Bulletin and Steve Burn, both of whom contributed to that article While we and other people in the industry hack away from time to time at this unpleasant but http://www.secuobs.com/revue/news/339780.shtmlhttp://www.secuobs.com/revue/news/339780.shtml Secuobs.com : 2011-09-22 12:19:09 - The AVIEN Blog - An interesting and instructive story flagged by Softpedia Turkish Hackers Confuse Israel with Palestine A report by Ilil Ben Zur-Laron for ynetnews, the English language version of a major Israeli news site, quotes Shai Blitzblau, the head of Maglan-Computer Warfare and Network Intelligence Labs, as claiming that Turkish hackers left anti-Israel messages on 70 websites http://www.secuobs.com/revue/news/330359.shtmlhttp://www.secuobs.com/revue/news/330359.shtml Secuobs.com : 2011-09-09 17:47:47 - The AVIEN Blog - I was more than a little flattered to find myself included in Sys-Con Media s Top 25 Most Powerful Voices in Security article by Jim Kaskade Let s not get too excited I just scraped in at number 22 But when I checked through the whole top 100 and saw some very familiar names there, I d have been http://www.secuobs.com/revue/news/328017.shtmlhttp://www.secuobs.com/revue/news/328017.shtml Secuobs.com : 2011-08-15 20:15:26 - The AVIEN Blog - Actually, this has very little to do with Trojans, directly at any rate My face is unlikely to launch a thousand ships though it might sink a few , but my fingers have just launched a new blog at The Geek Peninsula which is intended among other things to address the frustrating fragmentation of outlets for my blogs and http://www.secuobs.com/revue/news/323172.shtmlhttp://www.secuobs.com/revue/news/323172.shtml Secuobs.com : 2011-08-07 17:29:44 - The AVIEN Blog - and ordinarily, there d be a witty allusion here to Tom Lehrer, who used the same title for one of his songs, but there s a very serious edge to this post The part of the world I live in is mostly spared touch wood the sort of dramatic, extreme disaster that I sometimes discuss here in the context of http://www.secuobs.com/revue/news/321596.shtmlhttp://www.secuobs.com/revue/news/321596.shtml Secuobs.com : 2011-08-05 20:16:08 - The AVIEN Blog - Well, not entirely, my last post notwithstanding Andrew Lee and I have been busily housekeeping and fitting various bits of ideas and web pages together over the last week or so, and have managed to keep more of the old site together than I originally anticipated So I hope it won t sound like I m blowing my own http://www.secuobs.com/revue/news/321373.shtmlhttp://www.secuobs.com/revue/news/321373.shtml Secuobs.com : 2011-07-29 16:58:04 - The AVIEN Blog - but not of AVIEN Since AVIEN has gently declined from being a major player on the fringes of the anti-malware industry to a few low-volume mailing lists, I m reducing its footprint on the web and the drain on the pocketbooks of Andrew Lee and myself subscribers haven t been charged for some time, so there is http://www.secuobs.com/revue/news/319967.shtmlhttp://www.secuobs.com/revue/news/319967.shtml Secuobs.com : 2011-04-30 08:30:50 - The AVIEN Blog - Some people might have heard the news that the son of Eugene Kaspersky was kidnapped last week This sort of nightmare scenario is the worst thing any parent could imagine and so it is with some relief that I can post that Vanya is home and safe, and the kidnappers are awaiting trial, having been http://www.secuobs.com/revue/news/301779.shtmlhttp://www.secuobs.com/revue/news/301779.shtml Secuobs.com : 2011-04-08 12:32:35 - The AVIEN Blog - I ve spent a lot of time this morning looking through a wave of comment spam that s hitting this blog Interesting and instructive, perhaps even flattering that suddenly we re worth a serious spam attempt is that because I ve started using this for resources blogs, I wonder , but not really attractive as a regular chore This isn t a http://www.secuobs.com/revue/news/297087.shtmlhttp://www.secuobs.com/revue/news/297087.shtml Secuobs.com : 2011-04-06 21:04:52 - The AVIEN Blog - It s reasonable to assume that the Epsilon fiasco will lead to an epidemic at any rate, luminaries such as Brian Krebs and Randy Abrams are making that assumption, and publishing some excellent proactive advice accordingly So rather than go over the same ground, I ll just cite some of the more useful blog posts around that http://www.secuobs.com/revue/news/296692.shtmlhttp://www.secuobs.com/revue/news/296692.shtml Secuobs.com : 2011-03-12 22:48:08 - The AVIEN Blog - This is an attempt to bring together a number of disparate blogs highlighting resources I ve been collecting over the past couple of days, relating to the Japanese earthquakes and tsunami Apologies if there s nothing here that s new to you, but I think it s important to spread this information as far as possible This will now http://www.secuobs.com/revue/news/291254.shtmlhttp://www.secuobs.com/revue/news/291254.shtml Secuobs.com : 2011-03-01 00:23:34 - The AVIEN Blog - An interesting, if rather lengthy, article over at InfoWorld discusses the long history of Windows malware though the first few viruses mentioned are strictly speaking not Windows malware at all rather DOS com infectors I m not really sure what these articles tell us, more than that it s been a long and fairly inglorious progression from http://www.secuobs.com/revue/news/288323.shtmlhttp://www.secuobs.com/revue/news/288323.shtml Secuobs.com : 2011-01-24 15:18:00 - The AVIEN Blog - Don t you hate it when people send you reminders meaning here s something I should have told you about before Well, here s something that would have been a reminder if I d actually blogged it here before The next members meeting of AMTSO the Anti-Malware Testing Standards Organization, a body whose intent to raise AV testing standards http://www.secuobs.com/revue/news/280297.shtmlhttp://www.secuobs.com/revue/news/280297.shtml Secuobs.com : 2011-01-14 01:19:28 - The AVIEN Blog - First of all, congratulations to Andrew Lee on his new role as CEO of ESET LLC It s as well that my work for AVIEN is unpaid, as otherwise he d be my boss twice over Reading the press release here, it includes substantial references to AVIEN and the AVIEN book, to which many AVIEN members contributed, http://www.secuobs.com/revue/news/278134.shtmlhttp://www.secuobs.com/revue/news/278134.shtml Secuobs.com : 2010-11-25 16:41:29 - The AVIEN Blog - I spoke at the VB 2010 Seminar in London on ways that Social Engineering can affect your business users During the talk, I used some links for demos many thanks to my good friend Dave Marcus for originally showing me a few of these For those that are interested, here are the links Trend Tracking http://www.secuobs.com/revue/news/267455.shtmlhttp://www.secuobs.com/revue/news/267455.shtml Secuobs.com : 2010-09-25 20:35:46 - The AVIEN Blog - Even if you re not thoroughly sick of the word Stuxnet, you may well be pretty confused as to what the truth about it is I know I am I think it will probably be a while before we get the whole picture, though there are a couple of last minute presentations scheduled for the Virus http://www.secuobs.com/revue/news/251708.shtmlhttp://www.secuobs.com/revue/news/251708.shtml Secuobs.com : 2010-09-22 01:07:00 - The AVIEN Blog - In honour of our 10th Anniversary here at AVIEN, we re sponsoring the pre-dinner drinks reception at the 20th Virus Bulletin Conference in Vancouver next week In case you didn t know AVIEN was formed out of conversations held at Virus Bulletin in 2000, and the relationship has been a long and friendly one between the two http://www.secuobs.com/revue/news/250495.shtmlhttp://www.secuobs.com/revue/news/250495.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - Virus Bulletin have announced the first in a new series of Seminars Aimed towards the corporate IT Admins and security practitioners, the day long seminar will look at protecting organisations in the modern age of Internet enabled crime Speakers include Bryan Littlefair, Vodafone Group Bob Burls, Police Central e-Crime Unit Graham Cluley, Sophos Alex Shipp http://www.secuobs.com/revue/news/245973.shtmlhttp://www.secuobs.com/revue/news/245973.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - It s not really related to malware, but this is an interesting article that brings up a few issues that should be highligthed http wwwbankinfosecuritycom articlesphp art_id 2846 Firstly, the cheque images in question are used as a security feature, you can view them online to see when and where they were cashed, and they are attached to a specific http://www.secuobs.com/revue/news/245972.shtmlhttp://www.secuobs.com/revue/news/245972.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - Intel announced today that it has bought out McAfee, http mcafeecom us about intel_mcafeehtml It s definitely a time of consolidation in the industry, and this is an interesting move on the part of a player that hasn t so far gotten it s feet wet in the software security arena although Intel Capital has invested in other AV companies such as http://www.secuobs.com/revue/news/245971.shtmlhttp://www.secuobs.com/revue/news/245971.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - In what seems to be something of a trend for big investments or buyouts of AV companies, AVAST, the Czech based makers of the popular free AVAST Anti-virus, have sold a minority stake in their company to investment firm Summit Partners http wwwitnewscomau News 229866,avast-takes-113m-equity-injectionaspx AVAST formerly ALWIL software has long been in the free anti-virus game, as http://www.secuobs.com/revue/news/245970.shtmlhttp://www.secuobs.com/revue/news/245970.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - In an interesting piece of research, Michael Sutton details the vulnerability opened up by leaving HP s Webscan service enabled on your network attached scanner printer devices http researchzscalercom 2010 08 corporate-espionage-for-dummies-hphtml This really does highlight the fact that, when thinking about security, it is never good to assume anything Any device attached to your network should be thoroughly examined, and http://www.secuobs.com/revue/news/245969.shtmlhttp://www.secuobs.com/revue/news/245969.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - This is a really good article about how poor security products can appear to work, but actually increase the problem http hackersorg blog 20100904 the-effect-of-snakeoil-security The article also links to a good article about the ACUTrust product which no longer exists http hackersorg acutrust which contains the following quote like most systems that use cryptography it is not a vulnerable http://www.secuobs.com/revue/news/245968.shtmlhttp://www.secuobs.com/revue/news/245968.shtml Secuobs.com : 2010-09-16 23:57:32 - The AVIEN Blog - In a frankly bizarre incident, a young British teen has been banned for life from entering the USA, after sending an abusive and threatening email to the Whitehouse email account The 17 year old escaped criminal prosecution, but will be denied the opportunity to ever visit the land of opportunity Though this lad probably just http://www.secuobs.com/revue/news/245967.shtmlhttp://www.secuobs.com/revue/news/245967.shtml Secuobs.com : 2010-07-14 11:53:17 - The AVIEN Blog - They say there s no such thing as bad publicity, though quite who they are, and why they would make such a clearly daft statement is beyond me It seems that AMTSO has had it s fair share of bad publicity recently - a further example is the piece by Ed Moyle over on his blog at http://www.secuobs.com/revue/news/240465.shtmlhttp://www.secuobs.com/revue/news/240465.shtml Secuobs.com : 2010-07-13 13:56:41 - The AVIEN Blog - David Harley has now started to maintain a log of media mentions of AMTSO over on the AMTSO blog http amtsowordpresscom amtso-in-the-media It s hoped this will contain all articles good or bad about AMTSO, so please leave a comment over there if you see some article that s not listed Andrew Lee AVIEN CEO CTO K7 Computing http://www.secuobs.com/revue/news/240029.shtmlhttp://www.secuobs.com/revue/news/240029.shtml Secuobs.com : 2010-07-09 19:32:46 - The AVIEN Blog - The people who are condemning AMTSO and their efforts are in some cases well respected in the general security arena, and are very knowledgeable, and this is the rub These people, most people in academia, and in management as well do not recognize Malware research and prevention as a specialty niche http://www.secuobs.com/revue/news/239192.shtmlhttp://www.secuobs.com/revue/news/239192.shtml Secuobs.com : 2010-07-07 12:48:45 - The AVIEN Blog - First, let me start out by saying that I am in a bad mood I probably shouldn t write when I m in this mood, because I m in danger of just ranting, but I m going to anyway I m in a bad mood because I am pretty fed up that some people are so deliberately trying to destroy http://www.secuobs.com/revue/news/238317.shtmlhttp://www.secuobs.com/revue/news/238317.shtml Secuobs.com : 2010-07-05 08:17:44 - The AVIEN Blog - Our reader may note that it s been quiet around here for a few weeks Far from this being due to a lack of news, it s rather that there have been a huge number of other things demanding time and attention Not least of these is me trying to submit my master s thesis on time, that http://www.secuobs.com/revue/news/237621.shtmlhttp://www.secuobs.com/revue/news/237621.shtml Secuobs.com : 2010-06-10 23:10:50 - The AVIEN Blog - Well, actually, it s an old one It s at the Mac Virus site I kicked back into life a few months ago, primarily as a blog site However, I ve been under some pressure to restore some of the features of the old Mac Virus site While I ll be restoring some more of the pre-OSX stuff for its historical http://www.secuobs.com/revue/news/230513.shtmlhttp://www.secuobs.com/revue/news/230513.shtml Secuobs.com : 2010-06-10 15:20:44 - The AVIEN Blog - Given all the hype generated by the ridiculously titled Gawker Article about the so called iPad hack, I m somewhat reluctant to add to any more of the noise over what is really a pretty run of the mill story, but because I m procrastinating on other jobs, I ll write something Warning this story does involve the http://www.secuobs.com/revue/news/230384.shtmlhttp://www.secuobs.com/revue/news/230384.shtml Secuobs.com : 2010-05-27 11:58:43 - The AVIEN Blog - Yesterday there was widespread reportage of one of those periodic stories that make media types drool and make security experts cringe in despair However, this summer slow day news story was so widely mis reported, that it does bear commenting on The story in question was titled by the BBC as First Human Infected with Computer Virus http://www.secuobs.com/revue/news/226222.shtmlhttp://www.secuobs.com/revue/news/226222.shtml Secuobs.com : 2010-05-05 11:30:41 - The AVIEN Blog - The LoveBug Loveletter Iloveyou worm much more geekishly called VBS Lovelettera mm by, well, AV geeks has become one of those legendary events in malware history The fact that 10 years on we re still writing about it Not only that, but many of us will remember exactly where we were and what we were doing when we first heard http://www.secuobs.com/revue/news/218977.shtmlhttp://www.secuobs.com/revue/news/218977.shtml Secuobs.com : 2010-05-04 19:15:31 - The AVIEN Blog - I don t think I ve ever seen Kramer versus Kramer , but I did actually read the novel by Avery Corman, a long, long time ago And I have a vague recollection of Ted Kramer saying something to his wife Joanna about the birth of their son, and of her responding that she doesn t remember Ted having http://www.secuobs.com/revue/news/218713.shtmlhttp://www.secuobs.com/revue/news/218713.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - I know this Blog is devoted primarily to computer security, specifically emphasizing Malware issues I d like you to indulge me for a small side trip to another area of security that impacts most of us, and hopefully this will fire some stray neurons and perhaps give ideas and insight to how we do business This all http://www.secuobs.com/revue/news/214878.shtmlhttp://www.secuobs.com/revue/news/214878.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - Sometimes I think I should just stop killing myself multi-blogging and retweet Graham Cluley s blog URLs This is a good item, anyway The web site Please Rob Me, not the Sophos blog mashes together content from Foursquare and Twitter, providing an easy way for potential burglars and stalkers to find out where you are supping your cappuccino, http://www.secuobs.com/revue/news/214877.shtmlhttp://www.secuobs.com/revue/news/214877.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - This is a blog I nearly put up here, but then thought it was about time I did an ISC 2 blog, so it s here instead http blogisc2org isc2_blog 2010 02 demotivational-speakinghtml However, I suspect the issue will strike chords with many people in AVIEN, too The article that sparked off my commentary is at http hbswkhbsedu archive 5289html http aviennet blog p 389 Educating the CIO and http aviennet blog p 368 Who will educate http://www.secuobs.com/revue/news/214876.shtmlhttp://www.secuobs.com/revue/news/214876.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - So, we hear the news that Google really has ceased censorship in China At least, that is the meme currently working its way around the internet Actually, this is rather disingenuous, and shows a particularly unsavoury side of how the Google PR machine really works If you ve been living on Mars or want some background, here http://www.secuobs.com/revue/news/214875.shtmlhttp://www.secuobs.com/revue/news/214875.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - I don t know what Peter Norton is up to these days In the anti-virus industry, he s probably best remembered for a the security products marketed by Symantec that still bear his name though not the famous pink shirt photograph , though he sold his company to Big Yellow about 20 years ago In researcher circles, he s also http://www.secuobs.com/revue/news/214874.shtmlhttp://www.secuobs.com/revue/news/214874.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - The horrific Russian suicide bombings have, inevitably, generated a load of blackhat SEO search engine optimization attacks, not to mention Twitter profile attacks, using topical keywords to lure victims into running malicious code I ve blogged on that elsewhere recently eg Here come more of the Ghouls , at http wwwesetcom blog 2010 03 30 here-come-more-of-the-ghouls - so I won t repeat myself here However, I http://www.secuobs.com/revue/news/214873.shtmlhttp://www.secuobs.com/revue/news/214873.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - The latest Virus Bulletin Anti-Malware product test, the largest ever of it s type a mammoth 60 product test demonstrates several things that testing Anti-Virus products never gets any easier that discussing or dissing the tests never gets any less popular and that the results of testing are never less than controversial Virus Bulletin has been in http://www.secuobs.com/revue/news/214872.shtmlhttp://www.secuobs.com/revue/news/214872.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - I m seeing a lot of traffic about a story in the Boston Globe and taken up elsewhere suggesting that changing passwords is a waste of time Well, actually, the study by Cormac Herley doesn t exactly say that, and I suggest that you read the actual study to see what it does say It s actually well worth http://www.secuobs.com/revue/news/214871.shtmlhttp://www.secuobs.com/revue/news/214871.shtml Secuobs.com : 2010-04-22 13:18:28 - The AVIEN Blog - If you re expecting me to try to capitalize on the misfortunes of McAfee and more so of its customers because I work for another vendor, boy, are you looking at the wrong blog This is yet another case of there but for the grace of God no vendor is immune to false positives, and while we would http://www.secuobs.com/revue/news/214870.shtmlhttp://www.secuobs.com/revue/news/214870.shtml