No Image

“Not all AV software are the same” – CompTIA Security+ 2008

CompTIA Security+ 2008, page 99, Chapter Antivirus Not all AV software is the same. Free AV software that is available for download through the Internet will typically only look for viruses in standard files. However, most commercial AV software will also look for Trojans, worms, macro viruses, and adware in standard files as well as in compressed (.ZIP) files. In which decade are you guys from CompTIA living ? *Any* AV product looks for those malware in all files. Maybe you should update the book 😉

No Image

Romanian Phishing: Ministertul Finantelor Publice – Taxe si Impozite

“Romanian tax return phishing” published in the Avira Techblog From: Ministerul Finantelor Publice Date: 25.11.2010 07:54:34 Subject: Ministertul Finantelor Publice – Taxe si Impozite Dupa ultimele calcule ale activitatii dumneavoastra anuale am stabilit ca va sunt eligibile pentru primirea unei rambursari a impozitului in conformitate cu sectiunea 501 (c). Valoarea impozitului returnat este de 473,27 RON. Va rugam sa ne trimiteti cererea de rambursare a impozitului si sa asteptati 6-9 zile pentru verificarea datelor introduse. Pentru a accesa formularul de plata va rugam sa va completati datele aici : Aceasta notificare a fost trimisa de catre Ministerul Finantelor Publice , Biroul de plati pentru persoane fizice. MINISTERUL FINANTELOR PUBLICE Serviciul de Comunicare si Relatii Publice sef serviciu : Cristian Marin The domain was registered in the same morning, at 4 AM. Creation date: 25 Nov 2010 04:33:00 Expiration date: 24 Nov 2011 23:33:00 Now it is closed after I wrote to the ISP.

No Image

“Cybercriminals from Eastern Europe”

“Cybercriminals from Eastern Europe” – quote from CompTIA Security+ 2008, Chapter 1, Page 36 Oh, please… this is stupid ! It is true that many of the attacks are conducted from Eastern Europe, but this is not the way to publish something like this. You are ruining their chances. There are many good guys and they are brilliant ! I have the pleasure to work with many such young people every day. Cybercriminals There is a new breed of computer attackers known as cybercriminals. Cybercriminals are a loose-knit network of attackers, identity thieves, and financial fraudsters. These cybercriminals are described as being more highly motivated, less risk-averse, better funded, and more tenacious than hackers. Many security experts believe that cybercriminals belong to organized gangs of young and mostly Eastern European attackers. Reasons why this area may be responsible for the large number of cybercriminals are summarized in Table 1-6. Table 1-6 Cybercriminals often meet in online “underground” forums that have names like and The purpose of these meetings is to trade information and coordinate attacks around the world.

No Image

onMouseOver() Twitter security flaw (+Update)

A Twitter security flaw is being widely exploited on Twitter, showing remote content from third-party websites without user’s consent. The flaw uses a JavaScript function called onMouseOver() which creates an event when the mouse is passed over a text or link. Any user can use this flaw to create simple popups, redirect the page to somewhere else, retweet some messages or hide parts of the message. The link has to be constructed in such a way that it starts with<text>@”onmouseover=”<code>” The problem is that Twitter doesn’t filter the code, it instead executes it. To overcome the problem, use some 3rd party websites to work with Twitter. These website use the API directly and not the website GUI. Another solution is to use the mobile website, which doesn’t seem to have the flaw. Update: Twitter fixed the problem :

No Image

Interview with me in Signal Magazine : “Web Surfers Suspicious”

This is an interview I gave on telephone for Signal Magazine. “… Internet can be a dangerous activity, but the security status of different types of websites is not the same, Sorin Mustaca, data security expert, says. … ” I am a little bit unhappy about this, which I never said: “Mustaca admits that the survey information is more anecdotal than scientific” What I said was: “the interview was made with a random sample of Avira users”. But from experience I know that it can be much worse. 🙂 Enjoy.

%d bloggers like this: