…we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)

Surprised to find annual cybercrime damage spread somewhere between 300 million and 54 BILLION? So is the Director of National Intelligence. Today Brian Krebs of the Washington Post and Krebsonsecurity.com detailed a strong push for mandatory disclosure of cyber intrusion to include account hijacking and online identity theft.

It was a tough choice to choose a title for this post. I also considered “It ain’t necessarily so” for a title. This blog is aimed at our less technical users, but perhaps more technical users will find it useful as a teaching aid as well. Today I am going to teach you how to

And a giant step for users! While working on a blog soon to follow this I discovered a behavior in Windows 7 that Microsoft has changed to make a small, but meaningful improvement in security. For decades the bane of IT professionals has been users who double click on anything they can. This has lead

In the first two parts (Part 1, Part 2) of this series I discussed some of the privacy issues associated with Flash and also explained the configuration options that Adobe offers. If you are willing to go through the hassle of creating an mms.cfg file and maintaining it then you really do have the ability

Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity? Concerning Stuxnet’s latest rise in China, David

This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.

1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they

Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions.  However, we have recently been the recipient of a very dubious honor; a rogue antivirus program which masquerades as our own software. The Rogues Gallery Rogue antivirus is a loose family of programs that claim to

In the first part of this blog I told you how to use the basic Flash configuration utility. This blog is for the techies. This time I’ll share with you how to shut the doors on Flash and only open them to the sites you want to trust. Very few people seem to know that