Conference Papers
White Papers

BYOD: (B)rought (Y)our (O)wn (D)estruction?

Presented at the Virus Bulletin 2012 conference in September, this paper considers the pros and cons of the BYOD trend, potential attack vectors, and advice on countermeasures. First published in Virus Bulletin 2012 Conference Proceedings*

By Righard Zwienenberg .
Download

Dorkbot: Hunting Zombies in Latin America

Presented at the Virus Bulletin 2012 conference in September, this paper introduces the main capabilities and features of Win32/Dorkbot and considers why and how Win32/Dorkbot’s activity in Latin America differs from the rest of the world. First published in Virus Bulletin 2012 Conference Proceedings*

By Pablo Ramos .
Download

Festi botnet analysis and investigation

A comprehensive analysis of the evolution of the Festi botnet, its features, its networking protocol, and the ways in which it tries to protect itself from detection. As presented at the AVAR 2102 conference in Hang Zhou.

By Aleksandr Matrosov and Eugene Rodionov .
Download

Defeating anti-forensics in contemporary complex threats

Technical and in-depth analysis of the implementation of hidden encrypted storage, as used by complex threats currently in the wild including TDL4, Carberp and ZeroAccess. First published in Virus Bulletin 2012 Conference Proceedings*

By Eugene Rodionov and Aleksandr Matrosov .
Download

FUD and Blunder: Tracking PC Support Scams

Presented at the Cybercrime Forensics Education & Training Conference in September 2012, this paper looks at the support scam problem from a forensic point of view.

By David Harley, Martijn Grooten, Craig Johnston and Stephen Burn .
Download

My PC has 32,539 errors: how telephone support scams really work

Presented at the Virus Bulletin 2012 conference in September, this is a comprehensive consideration of the ongoing evolution of the PC telephone support scam. First published in Virus Bulletin 2012 Conference Proceedings*

By David Harley, Martijn Grooten, Steven Burn and Craig Johnston .
Download

PIN Holes: Passcode Selection Strategies

Presented at the EICAR 2012 conference in May, this paper considers common strategies for selecting four-digit passcodes, and the implications for end-user security. Originally published in the EICAR 2012 Conference Proceedings.

View more

By David Harley .

After AMTSO: a funny thing happened on the way to the forum

Presented at the EICAR 2012 conference in May, this paper looks at how the Anti-Malware Testing Standards Organization might yet retain enough credibility to achieve its original aims. Originally published in the EICAR 2012 Conference Proceedings.

View more

By David Harley .

Man, Myth, Malware and Multi-Scanning

The use and misuse of public multi-scanner web pages that check suspicious files for possible malicious content, and why they’re no substitute for comparative testing.
Presented at the 5th Cybercrime Forensics Education & Training (CFET 2011) Conference in September 2011

By David Harley & Julio Canto .
Download

Same Botnet, Same Guys, New Code

A paper describing the functionality and P2P protocol of Win32/Kelihos, its evolution and its points of similarity to Win32/Nuwar (Storm) and Win32/Waledac.
First published in Virus Bulletin 2011 Conference Proceedings*

By Pierre-Marc Bureau .
Download
1234

Follow Us

FacebookYoutubeTwitterLinkedInGoogle+RSS

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.