Apache modules are add-on code taking advantage of the Apache module API to extend the functionality of the standard Apache distro. In this case, the binary’s functionality was malicious, but there is no exploitation of a known Apache vulnerability in this case.
Win32/Spy.Ranbyus shows how it is possible to bypass payment transaction signing/authentication with smartcard devices and has started to modify java code in one of the most popular remote banking systems (RBS) in the Ukraine.
More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, we were understandably concerned.
[UPDATE #1: (21 Dec 2012, 5:30PM) ESET Researcher Cameron Camp has just published the second part of this series on securing your Android device. Read it here on the ESET Threat Blog at Securing Your Holiday Tech Gifts, Part 2: Android Guide. AG] December is upon us, and whether you have a Christmas tree, menorah,
When something in your vicinity happens, you know right away if it is good or right. When the traffic light on a busy road is red, you know not to cross and when it is green you can cross, but still be looking around to see if it is safe. With different instances that are
In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: "Trends for 2013: astounding growth of mobile
USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash
419 (Advance Fee Fraud) scams aren’t amusing to the victim, but the chutzpah of a dictator’s wife claiming her $700m Swiss bankroll back is worth a chortle.
Malware activity exploiting Autorun on Windows computers has been generating quite a few calls to ESET support lines lately, reminding us that old infection techniques seldom die and USB flash drives can still be an effective means of getting malicious code onto a computer. USB drives can be used to infect computers that automatically execute
It has happened before, it just happened again and it will happen in the future. It is inevitable! Some company that needs to get some press coverage or public visibility will release yet another statement on how worthless Anti-Virus is, based on its own dysfunctional test. For this “test”, they used the VirusTotal service. VirusTotal
Online passwords are a pain, and not just when you have to type them to access your online bank account or shop at your favorite digital emporium. Password pain extends to the people who have to manage them. A few weeks ago we shared some initial findings from a recent poll of 2,129 U.S. adults
Does the expression 'In the Wild' still mean anything today? Well yes, in the sense of something that is 'out there' threatening real-world systems. But things move a lot faster these days than they did in the 90s and later, fastburning mass-mailers notwithstanding. Just a few days ago (on the 30th of November, to be
Six months ago, Flashback was attracting a lot of attention from researchers and media due to its wide spread and interesting features. Since then, we have witnessed its operator abandoning control of the botnet by shutting down its latest command and control server. This happened in May this year. The number of infected systems has
A shortened and updated version of the advice that David Harley and Andrew Lee gave to potential phish victims in an earlier paper. Part 3 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
Phishing scams and online shopping. Part 2 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
Brutalize? Yes, that’s what the Governor of South Carolina wants to do to the person who breached security at the South Carolina Department of Revenue (SCDOR) and exposed Social Security Numbers and other information pertaining to 3.6 million people, as well as 387,000 credit and debit card records. Speaking to the press on Friday, Gov.