…given the amount of detailed analysis that’s already available (and I mean substantial blocks of reverse-engineered code, not high-level analysis and code snippets and descriptions), I’m not sure that anyone with malicious intent and a smidgen of technical skill would need the original code…

…conceptually there is a direct line of succession from this worm to the social engineering worm/Trojan hybrids of the early noughties. Clearly, the line continues through to the social network malware (real and memetic) of today…

…an article suggests that “Stuxnet was developed to improve the quality of enriched uranium, so that it no longer can be used for the production of atomic bombs.” It’s an interesting theory, and I’m certainly not going to say it’s wrong…

After quite a few months of trying to raise public awareness of the problem of fake support cold-calling both here [and elsewhere, it's good to see other vendors also starting to publicize the issue. I've previously cited an article by Symantec's Orla Cox that describes one exchange of civilities with one of the scammers, and

This weekend, an unnamed worm forced Microsoft to temporarily suspend active links  in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example,

If you read my previous blogs about P2P/inbox-mediaone/traclickmedia spam offering the currently-defunct Limewire (though some sort of replacement has been promised), you'll be glad to know that not only have they caught up with the latest news, but are now offering an alternative that is cleaner, faster, friendlier and safer. Yeah, right… In fact, looking

…Eric Chien … tells us that “Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors…”

Speaking of the October 2010 ThreatSense report, which includes an article on fake support and AV… A few days ago I wrote an article about fake support scams, a topic I've addressed before for Security Week – Fake AV, Fake Support  -and here on the ESET blog. What was missing, I guess, was that extra edge

…ESET’s October ThreatSense report is available on the Threat Center page …

In response to my recent cookie theft blog a reader asked the following questions: What is VPN, what is SSL and what is the significance of https? What precautions can we take if we need to do Internet banking from a public computer, Internet café for example? VPN, SSL and https are all about encryption.