category
More Technical

Virus Bulletin 2012 Slides

The slides for many of the presentations by ESET researchers at VB 2012 can now be found on the Virus Bulletin conference web pages.

How’s your cyber security awareness? Or, do we really need security training?

As you may know, October is National Cyber Security Awareness Month in America, which is a good time to ask yourself how aware you are when it comes to threats to your digital devices and personal information.

Avoid Election Season Scams: Donations and cruises to avoid

As the Better Business Bureau recently warned, scam artists are gearing up for the Presidential election season. So what pitfalls do consumers face during the final stretch of campaigning, on computers and on the phone? Recently, we’ve seen examples of phony phone calls, phony websites seeking donations, and there may be more to come. Regular

Defeating anti-forensics in contemporary complex threats

Alexandr Matrosov summarizes the evolution of complex threats using hidden storage, as discussed in his presentation with Eugene Rodionov at Virus Bulletin 2012.

Study finds 90 percent have no recent cybersecurity training

A new study finds that only 1 in 10 consumers have had any classes or training about protecting their computer and/or their personal information during the last 12 months. Indeed, a shocking 68 percent say they have never had any such training, ever. These and other findings, first revealed by ESET at the Virus Bulletin

A white paper: Windows 8’s Security Features

[NOTE: For the latest information about compatibility between ESET’s software and Windows 8, please see the following blog post: W8ing for V6: What ESET has in store for Windows 8 Users. (10/23/2012, 4:15PM)] Windows 8 will be available to the public in three weeks, and interest in the latest version of Microsoft’s flagship operating system

Huawei? The how, what, and why of telecom supply chain threats

You spell it Huawei and say it wah-way and it’s all over the news. But what does it mean for the security of your data when, as the Wall Street Journal put it, “A U.S. Congressional report has labeled Chinese telecommunications company Huawei Technologies a national security threat”? As we will see, the implications for

FTC cracks down on tech support scams and feds nail fake AV perps

The federal government took much needed action today against sleazy PC tech support scammers and fake AV peddlers. Actions include lawsuits, a judgment of $163 million, and freezing of multiple assets. PC tech support scammers will be familiar to regular readers of this blog because David Harley and others have charted the progress of this

Free Android USSD vulnerability protection from ESET now on Google Play

If you use an Android phone you may have heard of something called the USSD vulnerability. This allows a nasty piece of malicious software to reset your Android to its factory default settings and permanently delete your data.

PC Support Scams – Virus Bulletin paper

Another year, another fine Virus Bulletin conference come and gone. And some of us even got long-service badges. (My first VB was in 1996, and my first VB presentation in 1997, but there are people like our own Righard Zwienenberg whose attendance record goes back way further.) (Yes, it did rain the last day or

Facebook timeline privacy/security: protect your account and identity (2/2)

In our last post (part 1 of 2), we dove into Facebook timeline privacy and security, prompted by the universal imposition of the timeline view that is currently under way on the world’s largest social network. In this second part, we continue reviewing our Facebook timeline from other people’s perspective, using a tool called View

Flashback Wrap Up

Six months ago, Flashback was attracting a lot of attention from researchers and media due to its wide spread and interesting features. Since then, we have witnessed its operator abandoning control of the botnet by shutting down its latest command and control server. This happened in May this year. The number of infected systems has

Choosing a non-obvious PIN

There is very little research data on PIN prevalence available, so analysis of a new dataset of 4-digit passcodes can’t be ignored.

Ransomware Part III: another drop of the Irish

Where to find more information about current trends in international ransomware design.

Ransomware Part II: not just an Irish problem

More on the Gaelic ransomware, and how to spot ransomware in your own language, even if you aren’t Irish.

The Dynamic Duo for Securing your Android: Common Sense and Security Software

On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,

Nitol Botnet: You Will Never Break The Chain

Nitol versus Michelangelo: the supply chain is much more than the production line.

Facebook timeline security & privacy: steps to keep your account & identity safe

Now that Facebook’s timeline feature is in the final stages of being rolled out to all users (including, finally, to my account), it is important that everyone understands how to use the feature and, most importantly, how to secure your identity and privacy in its new context. Timeline is quite a simple feature, introduced by

Dancing Penguins: a case of organized Android pay-per-install

For years, cyber criminals have organized their operations and traded resources through discussion forums and auction sites. One popular item to trade is access to virus infected PCs for cash. These trading schemes are often called pay-per install (PPI) programs. We have recently started an investigation on a new type of pay-per install program, this

Threat Reports and other Information

Information about the August Global Threat Report and where to find other ESET resources

Follow us

Copyright © 2016 ESET, All Rights Reserved.