tag

Microsoft

Resumen de amenazas de enero

Escuchá el resumen mensual de amenazas en formato podcast: Nuevamente compartimos con ustedes el resumen mensual de amenazas más importantes del mes de enero. En estos días, pudimos comprobar nuevamente que las redes sociales son un blanco muy importante a la hora de distribuir malware. En este caso, la afectada fue la red social de

MS10-092 and Stuxnet

…among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet…

Vulnerabilidad de Internet Explorer explotada

La explotación de vulnerabilidades les brinda a los atacantes la posibilidad de llevar adelante tareas delictivas como la distribución de malware. En este caso en particular la aparición de un nuevo 0-day en el navegador de Microsoft, Internet Explorer, nos ha alertado a todos debido a su criticidad y a la posibilidad de ejecución de

Java es más explotado que Adobe

El pasado lunes el centro de Microsoft Malware Protection, publicó en su blog un informe estadístico relacionado a la explotación de vulnerabilidades y las plataformas. En el mismo, se destaca el aumento de ataques hacia Java, superando así notablemente a Adobe, que en estos últimos tiempo ha sido blanco habitual de ataques . En el

That’s One Small Step for Windows…

And a giant step for users! While working on a blog soon to follow this I discovered a behavior in Windows 7 that Microsoft has changed to make a small, but meaningful improvement in security. For decades the bane of IT professionals has been users who double click on anything they can. This has lead

Stuxnet: ataque a sistemas de control industrial

Mientras los especialistas de la industria antivirus debaten sobre los temas de relevancia en materia de amenazas en la conferencia Virus Bulletin, aprovechamos la oportunidad para contarles justamente sobre una de las amenazas que fueron tratadas a través de dos papers en el evento, con un amplio debate suscitado el día de ayer. Se trata

Resumen de amenazas de septiembre

Como indicamos en reportes anteriores, el ambiente delictivo, en relación al desarrollo y propagación de amenazas, se encuentra de forma constante buscando nuevas  formas para lograr mayores indices de infección. Septiembre se caracterizó por presentar un crisol de metodologías de ataque y de propagación de amenazas bastante particular. Como todos los meses les presentamos un

DLL loading vulnerability

Scarcely had we got our breath back mainly after Microsoft addressed a serious vulnerability in handling .LNK (shortcut) files, before researcher HD Moore made public a serious security failure in the dynamic loading of libraries in Windows that came to light when he was investigating the .LNK issue.

Microsoft publicó parche de seguridad fuera de ciclo

Tal como anunciábamos el último viernes, Microsoft ha cumplido con lo que indicó hace unos días y ya está a disposición de los usuarios la actualización de seguridad MS10-046, que corrige la vulnerabilidad CVE-2010-2568, que se relacionaba a la forma en que Windows Shell manejaba los archivos LNK (accesos directos) en los sistemas operativos afectados

Save your work! Microsoft Releases Critical Security Patch

As expected, Microsoft has released a critical out-of-band patch for the LNK shortcut file vulnerability which received attention last month. As a critical patch, this update will be delivered through Windows’ Automatic Update service, as well as being directly available for download from Microsoft’s site without a Windows Genuine Advantage check. A reboot is required for the

Support Scams Part Umpteen

UK journalist Kevin Townsend has blogged today on what sounds like two support scam phone-calls of a type I’ve mentioned here a few times since a colleague at another company drew my attention to it last month.

A few facts about Win32/Stuxnet & CVE-2010-2568

We realize there have been a lot of articles in the blog now about the Win32/Stuxnet malware and its new vector for spreading, but when vulnerabilities emerge that can be widely exploited, it is important to share information so that people can protect themselves from the threat. Detection for Win32/Stuxnet and the shortcut (LNK) files

There’s Passwording and there’s Security

Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that ““…anti-virus tools’ ability to detect generic versions of

Win32/Stuxnet Signed Binaries

On July 17th, ESET identified a new malicious file related to the Win32/Stuxnet worm. This new driver is a significant discovery because the file was signed with a certificate from a company called "JMicron Technology Corp".  This is different from the previous drivers which were signed with the certificate from Realtek Semiconductor Corp.  It is

(Windows) Shellshocked, Or Why Win32/Stuxnet Sux…

…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…

Microsoft Takes the Security out of Security Conferences

In May it was reported that IBM handed out some USB drives that were infected. A month later I spoke at a security conference that I will not name. I gave the AV (audio/visual) technician a USB key with my presentation on it to copy to the laptop they were using for the presentations. About

Marketing Misusing ESET’s Name

The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESET’s.

Keylogging taken seriously: Security upgrades in the new Hotmail

Microsoft Hotmail has a new feature: Out of Band Authentication via cell phone SMS Text. They call it ‘single-use codes’: Single-use codes This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a

Consecuencias de la Operación Aurora: ¿Google dejará de utilizar Microsoft?

Durante el día de ayer cientos de sitios web y redes sociales publicaron y comentaron una noticia que involucra a dos de las empresas tecnológicas más importantes del mundo: Google abandonaría Windows como Sistema Operativo. La noticia original fue la publicada por el Financial Times donde se afirma entre otras cosas (y en traducción libre):

Please do not change your password – The Boston Globe

I find it hard to not be shocked at a headline like this… Then I remembered the recent top cybercrime city survey conducted by one of our competing software vendors which had Boston ranked the SECOND HIGHEST risk city in the entire United States. I’m also not one to simply lie down and let cybercriminals

Follow us

Copyright © 2016 ESET, All Rights Reserved.