Tag Archives: Infosecurity Magazine

Fake BSOD, Fake Tech Support

Tara Seals for Infosecurity Magazine: Tech Support Scam Malware Fakes the Blue Screen of Death

“The infamous Blue Screen of Death (BSOD) is one of the most-dreaded sights for Windows users. Adding insult to injury, a new malware is making the rounds that fakes a BSOD, and then tries to swindle victims into paying for tech support tools.”

Malwarebytes describes ‘Troubleshooter’ as a hijacker, but it’s one of those instances where a tech support scam edges close to ransomware.

David Harley

Pre-KeRanger Mac Ransomware

While working on an internal project at ESET, I came across an article I wrote for Information Security Magazine back in 2013: Mac Ransomware Deviating from the (java)script.

With the recent kerfuffle about KeRanger, it’s interesting to recall one of its (rare) precursors on the OS X platform. In this case, there wasn’t actually a malicious executable as such, and the whole system wasn’t really locked, even though a pop-up told the victim that his or her browser was locked and that ‘ALL PC DATA WILL BE DETAINED AND CRIMINAL PROCEDURES WILL BE INITIATED AGAINST YOU IF THE FINE WILL NOT BE PAID.’ However, the pop-up did make it very difficult to quit Safari, which was probably scarier than it sounds for the victims.

The story was based on an article by Jérôme Segura for Malwarebytes. Irritatingly, there doesn’t seem to be a link in my article, but this looks like Jérôme‘s article: FBI Ransomware Now Targeting Apple’s Mac OS X Users

The present article was also published on Mac Virus.

David Harley

A few links

We hear a lot about identity fraud, but here’s a page that looks at it from the point of view of the small (UK) business. 

http://www.businesslink.gov.uk/bdotg/action/detail?site=210&r.s=sl&r.lc=en&type=ONEOFFPAGE&itemId=5001406645

Also interesting from a UK point of view, despite the awkward title,  is Cath Everett’s Infosecurity article on “Securing the defence – information security and the defence”:

http://www.infosecurity-magazine.com/view/5559/securing-the-defence-information-security-and-the-defence/

And here’s a very useful link tweeted by Mikko Hypponen:

 http://longurl.org/ lets you see the expanded version of a shortened URL before you go there. TinyURL will let you do this for tinyURLs, but this site can expand a long list of other shortened URLs – see http://longurl.org/services.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

(ISC)2 on Cyberterrorism

Interesting article from Infosecurity Magazine.

Cyberterrorism: A look into the future
12 November 2009
(ISC)2 US Government Advisory Board Executive Writers Bureau

Available at:

 http://www.infosecurity-magazine.com/view/5217/cyberterrorism-a-look-into-the-future/.

More thoughtful than you might expect from an article with the overhyped word cyberterrorism in its title.

You might also find this interesting: The Drums of Cyberwar
http://www.technewsworld.com/story/68669.html?wlc=1258483867

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN

Also blogging at:
http://dharley.wordpress.com/
http://www.eset.com/threat-center/blog
http://blogs.securiteam.com
http://blog.isc2.org/