category
More Technical

TDL Tracking: Peer Pressure

Recently … our TDL tracker picked up a brand new plugin for TDL4 kad.dll (Win32/Olmarik.AVA) which we haven’t seen earlier … we discovered that it implements a particularly interesting network communication protocol …

FBI nabs international “scareware” ring

Long a puzzling challenge, the FBI seems to be making strides in tackling international coordinated scams, in this case, scareware. Scareware, the practice of providing fake infection notifications to users’ computers, and then offering to sell solutions to problems that don’t exist, has been quite a boon as of late for fraudsters. FBI claims the

Giving Cold Callers the Cold Shoulder

…And therein lies a problem that goes beyond support scams. The telephone network, like the Internet, isn’t very good at recognizing national boundaries. Which is why I have a couple of rules of thumb when it comes to cold callers…

EU to urge shorter data breach notification times

Following a string of data breach notifications which seem to be less than forthcoming, the EU is urging much stricter guidelines for data breach reporting timelines. It a recent article, European Commissioner Viviane Reding was shocked “that companies needed two or three weeks to inform people that their personal data had been stolen.” Recently I

Calling for Backup

…what I had principly in mind at that point was the impact of some 4,800 of its customers whose businesses may have been threatened when data, sites and email on four of its servers were lost…

SCADA still scary

“Infrastructure Attacks: The Next Generation?” now includes the speaker notes, which hopefully makes it more interesting and useful.

White House to double jail time for hackers?

The Obama administration seems intent on pushing for stiffer sentences for hackers caught endangering national security to 20 years prison time, doubling the current sentence. A stiff penalty, to be sure, the latest in a series of volleys from D.C. to curb the flurry of recent high-profile attacks and restore confidence in the U.S. Government’s

LinkedIn Privacy: An Easy How-to Guide to Protecting Yourself

Introduction LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy

The Social Networking/Cybersafety Disconnect

Survey Reveals Chasm between Users’ Concerns and Behavior A recent Survey commissioned by ESET and conducted online by Harris Interactive from May 31-June 2, 2011 among 2,027 U.S. adults 18+ found a startling disconnect between user concerns about privacy and security and their actions on social networking sites. To start, the study found that 69%

419: UK lets the Good Times Roll

…It’s a 419 (Advance Fee Fraud) message, of course. Stripped of the pseudo-governmental flim-flam, the core of the message is that they want you to forward them this…

New your.brand domain names to increase phishing?

ICANN has just approved a new batch of individualized TLD’s (Top Level Domains), so now you can register your.brand, whatever yourbrand is, instead of the usual yourbrand.com, .net, etc., if you can prove to ICANN you deserve it. The problem? Users tricked by similar looking domain names have long been a boon for phishing exploits,

#1 Bitcoin Exchange Data Breached

Mt. Gox, the most popular Bitcoin exchange, has had a database compromised and user information stolen, sparking rapid devaluation and temporary exchange freeze to halt the slide. According to a Mt. Gox breach notification e-mail sent to users on June 19th: “Our database has been compromised, including your email. We are working on a quick

Thank you, fans….

So, a (long) while ago I wrote about the Haiti earthquake, with some commentary about the intersection between natural disasters, Black Hat SEO, scare tactics for education in good security practice, plus some links relevant to the earthquake. Well, I'm certainly not ashamed of that blog, though I haven't thought about it for a long time,

Anti-Phishing Day

Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work. Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes,

Support Scams: Cold Calls, Cold Hearts

Here's a diagnostic window that your shouldn't panic over, certainly if some cold-calling scammer directs you to it by persuading you to run a diagnostic on your own system. But I'm getting ahead of myself. You might think I've blogged more than enough about support scams already – you know, where someone calls you out

The Good Virus: White Knight or Red Queen?

I encountered an old acquaintance today. Tip of the hat to Peter Radatti for pointing me towards an article by John Breeden II that proposes a very familiar idea: the Good Virus. (One that also often pops up in the form of the Good Worm, such as the various hues of Code that were proposed

Bitcoin “wallet” hacked – heisted $500K?

Old western cowboys beware, this heist didn’t happen with a stagecoach at gunpoint, it’s a new era out there. A user, going by the username allinvain reports he had 25,000 Bitcoins (BTC) stolen when his computer was infected. At the current BTC exchange rate, that haul would net about $500,000. Not too shabby for a

Got Hacked? You have 48 hours to fess up

Or so the current legislation being proposed in a U.S. House of Representative subcommittee would like it. A hearing scheduled for today at the House Energy and Commerce Committee’s Commerce, Manufacturing, and Trade Subcommittee centered around draft legislation proposed by Rep. Mary Bono Mack (R-Calif.) hoping to accomplish a security baseline companies must adhere to,

I Can Neither Confirm nor Deny

As website appear to fall to hacks like the rain falls in Seattle, the question du jour doesn’t change from day to day. The same question is always asked… “Did Anonymous perform the attack?” What do all of these links below have in common? You don’t have to read them, I’ll tell you.. http://sdchamber-members.org/Business%20Online%202009-10/Business%20Action%20Online%20May%202010/Business%20Action%20Online%20May%20ESET.html http://www.theregister.co.uk/2008/03/17/scientology_anonymous_round_three/

TDL file system

@RedNose commented on the blog I put up recently about the tool my Russian colleagues have made available for dumping TDL's hidden file system: I'm going to respond here in case anyone else is confused about this. "I ran the tool and it did not show anything. Does it mean that TDSS is not present?"

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
17 Aug 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.