Monthly Archives: April 2011

Vanya Kaspersky home and safe

Some people might have heard the news that the son of Eugene Kaspersky was kidnapped last week. This sort of nightmare scenario is the worst thing any parent could imagine and so it is with some relief that I can post that Vanya is home and safe, and the kidnappers are awaiting trial, having been captured.

A message from Eugene is here:

I am sure every member of AVIEN will join me in sending my best wishes to Eugene and family, and expressing our gladness that this awful situation turned out with the best possible result in the circumstances.
Andrew Lee


Fame at Last?

I’ve spent a lot of time this morning looking through a wave of comment spam that’s hitting this blog. Interesting and instructive, perhaps even flattering that suddenly we’re worth a serious spam attempt (is that because I’ve started using this for resources blogs, I wonder?), but not really attractive as a regular chore.

This isn’t a blog that attracts a lot of comments in the ordinary way, but I don’t want to go straight to stopping comments altogether. So for the moment, you’ll have to register to comment. I suspect that won’t be much of a delaying tactic, but we’ll see, I guess. I don’t usually get much involved with blog maintenance (as opposed to writing the things…), so I’m just feeling my way here.

Apologies in advance for any inconvenience.

AVIEN Dogsbody
ESET Senior Research Fellow

Status Epsilon-icus*

Ok. That wasn’t the last update.

And very possibly the last update here (the target blog suggests why…): Epsilon Overkill and the Security Ecology

Update 3: Rebecca Herson evaluates some of the advice given by Epsilon customers for coping with the phlurry of phish anticipated post-Epsilon:

Links and a little extra irony from me:

Update 2: a discomfiting suggestion that there was a longstanding problem that Epsilon were actually aware of:,epsilon-breach-used-four-month-old-attack.aspx (hat tip to Kurt Wismer, again)

Update: a few more articles you might find worth reading.

It’s reasonable to assume that the Epsilon fiasco will lead to an epidemic: at any rate, luminaries such as Brian Krebs and Randy Abrams are making that assumption, and publishing some excellent proactive advice accordingly. So rather than go over the same ground, I’ll just cite some of the more useful blog posts around that.

Two highly relevant posts by Brian Krebs:

And two relevant posts by Randy:

A list of companies known to have been affected from ThreatPost:

And a characteristically to-the-point rant by Kurt Wismer on why it wouldn’t be an issue in a sane world:

*Yes, a rather forced pun, I know. 

AVIEN Dogsbody
ESET Senior Research Fellow