Why the ZeroAccess rootkit family modifications are important to the end user.

…but it doesn't necessarily want you to be free. Since Cameron Camp and I have written here and here about the implications of the UK government's meditations on curbing civil unrest by curbing social media services, it's interesting to see that the estimable Kim Davis, who previously categorized UK Prime Minister David Cameron's pronouncements as bluster, has also

Although the “Ready to Ride” group originated in Russia it distributes Win32/Cycbot outside the borders of the Russian Federation. Going by the prices per installation the primary target of the group is the US.

… I haven’t recently posted any pointers to our content on SC Magazine’s Cybercrime Corner, and now might be a good time to recap on what Randy and I have been posting there this month (so far…) …

*http://en.wikipedia.org/wiki/Skeeter_Davis  Here in the UK it's just turned 6pm on the 21st May, which apparently means I'll shortly be either invited to a rapturous celestial street party or subjected to various unpleasant experiences starting with a giant earthquake and ending with a front seat at a subterranean bonfire on or before 21st October. Though according to

One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or

As you'd expect, there have already been reports of Black Hat SEO (Search Engine Optimization) being used to lure people looking for news of the earthquake and subsequent tsunami onto sites pushing fake AV. (Stop me if you've heard this before…) My colleague Urban Schrott, however, offered some pretty good advice on what to look out

My colleague Aleksandr Matrosov today received an interesting sample of TDL4 from another of my colleagues, Pierre-Marc Bureau: this sample downloads and install another malicious program, Win32/Glupteba.D. This was the first instance he’d come across of TDL4 used to install other malware, and here's his account of what he found. A sample of Win32/Olmarik.AOV was

…one interesting trend in blog comment spam that I’ve noticed in recent months is that a number of comments are obviously intended to push a product or site, but contain content that is actually relevant…

My colleague Urban Schrott, from ESET Ireland, wrote a nice feature article for our monthly ThreatSense report (which should be available shortly on the Threat Center page at http://www.eset.com/threat-center) on seasonal scams. As the scam season is starting to get into full swing, we thought it might be good to give it a wider audience here.