I don’t write for the Security Week site any more, as it seemed to me that Security Week was doing better out of the arrangement than either I or ESET, but some of those articles may still be of interest. So since this seems to be developing into my ‘archive’ site, here’s the list of links, complete with summaries for each article.
- Perfect Ten: Truth and Prognostication
  ’Tis the season to compile lists. Not just for the security industry of course: anyone whose job includes a PR dimension has learned by now that the reading public loves a top ten.
- Facebook is able to see a customer’s User ID, IP address and operating system if the customer is logged into Facebook at the time they visit a site that uses certain features of Facebook Social Plug-Ins. Does this sharing pose a serious privacy risk?
- Some thoughts on the latest developments from the AMTSO and the Anti-Malware Industry.
- Win32/Stuxnet might be described as a worm of a slightly different color, though it’s attracted interest from the media that’s comparable in intensity to Conficker, or Code Red, or Blaster.
- The vulnerability in Windows Shell’s parsing of .LNK (shortcut) files presents some interesting and novel features in terms of its media lifecycle as well as its evolution from zero-day to patched vulnerability. For most of us, the vulnerability first came to light in the context of Win32/Stuxnet, malware that in itself presents some notable quirks.
- The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.
- Anti-Malware Testing – Industry Insight
  Maybe only shareholders care about the financial health of an anti-malware company, but wouldn’t you rather have reliable information about the product you choose to protect your systems?
Small Blue-Green World
ESET Senior Research Fellow