tag
autorun

Ten Ways to Dodge Cyber-Bullets (Part 1)

OK, so I lied about not doing a top ten. Twice. For a paper that's going through the publication process at the moment, I revisited some of the ideas that our research team at ESET LLC came up with this time last year for a top ten things that people can do to protect themselves

Septic Thumb Drive

The Register has reported that it cost Ealing Council, in London (UK) some £500,000 in lost revenue and repairs after a "virus infection" in May. According to El Reg’s John Leyden, the virus in question was Conficker-D, though because of differences in Conficker variant naming, it’s difficult to say exactly which variant that would refer to.

Now You Can Fix Autorun

Microsoft has released the patches required to make autorun work with only CD and DVD drives. There is one little catch: a USB drive can be configured to look like a CD, but this patch definitely helps reduce risk. I highly recommend you install the patch so that you can connect most thumb drives, GPS

Potentially Abandoned Conficker Grows

According to an article at Internetnews.com (http://www.internetnews.com/security/article.php/3832846), the authors of the Conficker botnet may have abandoned it, yet it continues to grow in numbers. The growth of the botnet is troubling because it is completely preventable and because it means the infected computers are vulnerable to other threats and that these

The April Threat Report

As we do each month, ESET has released its monthly threat report. As you might expect, there were a lot of Conficker detections out there. There were also almost as many detections for autorun threats that are not Conficker. In other words, if you have disabled autorun, then you protect against a lot more than

Conficker: rising and shining…

So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost certainly be down to my faulty interpretation!) The new variant has two main components. The server component is an .EXE that infects vulnerable PCs in

For the Hypochondriacs…

I’ve tried to convince you all that you really need to watch out for all of the threats and that it really isn’t worth worrying about Conficker, but if you are still worried about Conficker we do have a knowledge base article you can peruse at http://kb.eset.com/esetkb/index?page=content&id=SOLN2209. If you apply your security patches, disable autorun,

Who is the April Fool?

I kept telling everyone to worry about being secure, not about Conficker. Some people listen, some don’t. So what happened over about the past 24 hours? According to ESET’s ThreatSense.Net, by about 2 PM GMT on April 1st, of the top 20 threats encountered by our users in the past 24 hours, four out of

Conficker Launches Cyber Attack Against Big Ben

In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against

Watch out for the Honda Accords

Why watch out for the Honda Accords? Well, automobile accidents are one of the leading causes of injury and death and Accords are very common cars. This sounds pretty silly, doesn’t it? I mean, wouldn’t it make sense to drive like any car is a potential threat and drive as best as you can to

Conficker Removal (Update)

[Update: it seems that people who missed the whole MS-DOS/having fun with the C> prompt and batchfiles thing are still struggling with the fact that vendors are releasing cleaning tools that are really command-line tools, so some step-by-step notes are added below.] I’m sure you’re almost as bored with this issue as I am with the

Conficker: Before the Flood (April Showers)

I don’t, of course, know for sure what’s going to happen on April 1st, when Conficker is timed, potentially, to go to its next stage of evolution. We do know, from inspecting code in the variants and subvariants that have come our way, that infected machines will be looking for instructions and updates on that date. At the very least,

Conficker Clarified

I just happened upon a blog that made an interesting point about the information that’s been made about Conficker. Essentially, the writer was fulsome in her praise of an article by Gary Hinson here, which gave some simple advice on dealing with Conficker/Downadup. As it happens, I’m familiar with the name Gary Hinson: he also contributes

Confounding Conficker

[Update: Spiegel Online reports (in German!) that the total may be as high as 50 million infected machines: however, this figure seems to be extrapolated from the number of infections picked up by Panda's online scanner. Statistically, I'm not sure it makes any sense at all to try to correlate this self-selecting sample to the total population of

Confused about Conficker?

CNN reported that there is a new sleeper virus out there (http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html). There is nothing sleepy about the Conficker worm; it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that “it is

Conficker via Autorun

Conficker (or Downadup) has become a true epidemic, as our December Threat Report indicates, and in recent days its creators have focused on multiplying its infection techniques, extending them to shared resources, exploitation of weak passwords, and removable storage devices. This last

Undetectable Virus

It is very common to hear the phrase “No antivirus detects this virus”. However, as I explained in undetectable trojans, this is a temporary situation. Take, for example, the following worm, not detected at the time by any antivirus: This happens because it is very common for malware developers to test their creations over and

Preventing Automatic Execution of Malware via USB

Update 31/08/2009: Microsoft has released a patch to perform this task automatically. See Removing AutoRun for USB devices. A large percentage of malicious code manages to infect computers by exploiting a feature built into Microsoft Windows platforms that allows the execution of any device that is inserted into the USB port. This feature is enabled

About INF/Autorun

For some time our lab has been noticing clear confusion about what Autorun.inf files really are, where the confusion basically lies in whether or not this file is malicious code. The reality is that there are many applications that, although not developed with malicious intent, are exploited

Copyright © 2014 ESET, All Rights Reserved.