Obtener información de servidores web con banner grabbing

Uno de los aspectos a la hora de realizar controles sobre una aplicación web es la información que puede obtenerse a través de lo que se conoce como banner grabbing. Este concepto se refiere a la interacción manual  en texto plano para obtener información sobre sobre el servidor donde reside la aplicación web. El banner

Solucionada la vulnerabilidad de Skype que permite robar contraseñas

Hace unos pocos días Microsoft informaba de su decisión después de adquirir la conocida plataforma para hacer videollamadas por Internet Skype que cuenta con alrededor de 280 millones de usuarios de fusionarla con el ya clásico servicio de mensajería Windows Live Messenger, con un estimado de 360 millones de usuarios activos mensuales, de los cuales

W8ing for V6: What ESET has in store for Windows 8 Users

[UPDATE: 10/23/2012, 3:00PM — Testing agency AV-Comparatives has reviewed both ESET NOD32 Antivirus and ESET Smart Security for Windows 8 compatibility.   I have updated the blog post below.   AG] The release of Windows 8 is this week and interest remains high in Microsoft’s new flagship operating system.   We have already taken a

A white paper: Windows 8’s Security Features

[NOTE: For the latest information about compatibility between ESET’s software and Windows 8, please see the following blog post: W8ing for V6: What ESET has in store for Windows 8 Users. (10/23/2012, 4:15PM)] Windows 8 will be available to the public in three weeks, and interest in the latest version of Microsoft’s flagship operating system

MS12-063: Microsoft soluciona grave vulnerabilidad 0 day en Internet Explorer

Hace tan solo tres días, publicamos un el blog una alerta sobre la vulnerabilidad 0-day en Internet Explorer que fue aprovechada para propagar el troyano detectado por ESET NOD32 Antivirus como Win32/Poison.NKX. Microsoft decidió adelantar la fecha de publicación del parche para solucionar esta vulnerabilidad. Todos los usuarios que utilicen Internet Explorer 9.0 y versiones

The Dynamic Duo for Securing your Android: Common Sense and Security Software

On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,

Operación b71: Microsoft desmantela algunas botnets relacionadas a Zeus

El cibercrimen es desde hace bastante tiempo el principal motivo por el cual podemos observar numerosos códigos maliciosos emergiendo cada día y evolucionando constantemente con el fin no sólo de evadir la detección de los antivirus, sino que también para maximizar las ganancias ilícitas. De este modo, nos encontramos ante un panorama de delitos cibernéticos

Grave vulnerabilidad MS12-020 afecta a sistemas Microsoft

La semana pasada surgió una nueva vulnerabilidad en los sistemas operativos desarrollados por Microsoft, denominada MS12-020 de acuerdo al sistema implementado para identificar las vulnerabilidades por la afamada empresa de software. Esta vulnerabilidad afecta al protocolo RDP (Remote Desktop Protocol), es decir, a cualquier sistema operativo que posea el servicio de administración remoto activado. Los sistemas

WSUS: actualizaciones centralizadas en las empresas

A la hora de gestionar una empresa que cuenta con diversos recursos informáticos, es indispensable mantener sus sistemas operativos actualizados para adoptar el mayor nivel de seguridad posible. De esta manera se reduce en una gran medida la exposición que poseen estas empresas a la gran cantidad de amenazas. ¿Para qué sirven las actualizaciones? Antes

Windows Phone 8: Security Heaven or Hell?

Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with

A dozen predictions for 2012

While I share the reluctance of my colleagues to predict the future, I think there are some trends that can be classified as “reasonably likely to occur” in 2012. I make no promises, but here’s what I think we will see, in no particular order of importance or certainty. We will see increased interest in

Top exploits 2011

Todos los años el laboratorio independiente, Virus Bulletin, celebra el evento más importante del año para la comunidad de investigadores de la industria antivirus, la Virus Bulletin Conference. En esta conferencia participan los principales investigadores de los laboratorios antivirus, entre ellos ESET, presentando las principales tendencias en lo que respecta al mundo del malware y

Much Ado About Facebook, Part II

Since yesterday’s Much Ado About Facebook post in the ESET Threat Blog, we have written additional articles, received a few comments, and also received updated information on the “threat,” so it seems that now is a good time for a follow-up article.  Reports continue to come in of pornographic and violent imagery on Facebook, and

Resumen de amenazas de septiembre

Escuchá el resumen mensual de amenazas en formato podcast: Nuevamente compartimos un resumen mensual de amenazas correspondiente al mes de septiembre. Se reporto durante este mes una nueva propagación de una amenaza denominada Ramnit. La amenaza fue calificada como severa (la más alta), por el centro de protección de Microsoft: Ramnit un malware del tipo

1000 days of Conficker

Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.

Anti-Phishing Day

Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work. Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes,

Support Scams: Cold Calls, Cold Hearts

Here's a diagnostic window that your shouldn't panic over, certainly if some cold-calling scammer directs you to it by persuading you to run a diagnostic on your own system. But I'm getting ahead of myself. You might think I've blogged more than enough about support scams already – you know, where someone calls you out

Protecting Consumers from Rogue Online Pharmacies

Over the past couple of years rogue online pharmacies have been advertising their domains on search engines and promoting themselves through search engine optimization.  Legitimate pharmaceutical companies have their own measures in place to work on taking these sites offline.  The problem with rogue online pharmacies is that they do not meet federal regulations.  To

An ethical dilemma

Update: It seems like the initial article is inaccurate and that Paul Rellis never made any such comments about a 14 year old breaking into the X-Box live servers and have not offered to mentor him http://kotaku.com/5805742/microsoft-is-helping-an-xbox-live-hacker-develop-his-talent TekGoblin reports (http://www.tekgoblin.com/2011/05/27/14-year-old-call-of-duty-hacker-hired-by-microsoft/) that a teenager who broke into the Call of Duty Modern Warfare 2 gameservers last

Facebook gets something right

It seems a little strange to have the words "Facebook" and "privacy" in the same sentence in one of my blogs, yet it seems that Facebook CTO Bret Taylor testified at a Senate Commerce Committee hearing on mobile phone and internet privacy. But it turns out the story is about rather more than privacy: it's

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar


Select month
Copyright © 2015 ESET, All Rights Reserved.