Having been blogging this topic for quite a while, I figure this might be a good time to highlight some of the snippets of information that people have posted on some of those blogs (anonymized, of course). You might also be interested in a resource page I've started here at AVIEN.One prospective victim instructed to connect via the Run window to www.support.November 27, 2011 | San Diego, CA
On the "old hoaxes never die" tack,it seems that last year's Christmas Tree App "virus" warning is circulating again: at any rate, Facecrooks has found it necessary to put a warning on its Facebook page against spreading it.There is plenty of information available about this little beauty, so I'll just give you a few pointers:Facecrooks cites a write-up at Hoax SlayerSnopes has a write-up hereGeek Squad, which is alleged in the hoax message to have validated the alert, has denied it here (and also thrown in some advice for Facebook users)Graham Cluley included some screen shots and a historical note here, and I gilded the lily with some more information on the CHRISTMA EXEC worm here.As I haven't seen a recent version of the message myself, here's the one that Graham cited in 2010.WARNING!!!!!!….November 24, 2011 | San Diego, CA
Well, not you exactly you, but malls are rolling out technology that tracks customers’ patterns throughout the mall using cell signals. They say they aren’t collecting personal information, but say they want to be able to track customer traffic patterns, for example, how many customers visit Starbucks after visiting Nordstroms.The technology, called FootPath, is being rolled out at a mall in California and Virginia. There are signs hanging around the mall describing the technology, and apparently customers may opt-out by turning off their mobile devices.November 24, 2011 | Bratislava
ESET, the leader in proactive protection against cyber-threats, has released its flagship product for the mobile Android platform ESET Mobile Security. With ESET Mobile Security, the company offers advanced protection for three operating systems including Symbian, Windows Mobile and Android. ESET Mobile Security for Android is available for download from the company’s website, ESET.com.November 22, 2011 | San Diego, CA
SCADA, an old, stodgy network setup for controlling infrastructure, is hitting the headlines in force for falling victim to cyber scammers. There have been several incidents of unauthorized access to the Supervisory Control and Data Acquisition (SCADA) recently, from guessing simple passwords, to full-on spear phishing attacks against a hardware vendor, which were then used to access infrastructure equipment at a water treatment site without permission. While we’ve discussed industrial hacking here and here, we now see more exploits in the wild.The attacks range from targets-of-opportunity, basically checking every car at the mall for an open door or cracked window, to one targeting credentials at an upstream equipment supplier.November 21, 2011 | San Diego, CA
Awhile back we noticed signals from the US Pentagon that they were considering the possibility of a traditional military response to cyber attacks on US physical infrastructure. Basically, a cyber attack on infrastructure could be considered an act of war. We now see the official report released, confirming this.The report states, “When warranted, we will respond to hostile acts in cyberspace as we would to any other threat to our country.November 16, 2011 | San Diego, CA
SOPA and PIPA are pieces of legislation currently under consideration in the United States Congress that have serious implications for DNS, the Domain Name System which makes possible the Internet as we know it. To give them their full names these bills are HR 3261, the Stop Online Piracy Act (SOPA), and S.968, the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 or PROTECT IP Act (PIPA). What follows is an open letter to Congress explaining why these bills, as currently written, are bad for the Internet and bad for our economy.November 15, 2011 | San Diego, CA
Months back a rather vocal series of micro-hacktivist groups formed a somewhat larger, more vocal pseudo-organized non-organization ruled essentially democratically via IRC (among other things), attempting to cast light on perceived misdeeds by the large corporation (or government organization) du-jour they thought had behaved badly. The idea was to hack an organization, parade them around a bit, hopefully attracting attention to convince them to get right with the world and the greater good.Now months later, some announced attacks have gone as planned, and others (shutting down NYSE on a given date) never came to fruition (well yet anyway). So are they to be believed as an organization, and – more importantly – is this an idea who’s time has come, or just a passing fad?During the nascent stages of the Occupy Wall Street (and others) movement, Anonymous chimed in saying they would provide collateral support aiding the folks on the ground, sort of a synergistic parallel movement online, marching “virtually” along with the sign bearers, and possibly even defending them against perceived heavy-handed treatment by law enforcement (and the alleged proxy forces behind them).