tag
Microsoft

Win32/Stuxnet Signed Binaries

On July 17th, ESET identified a new malicious file related to the Win32/Stuxnet worm. This new driver is a significant discovery because the file was signed with a certificate from a company called "JMicron Technology Corp".  This is different from the previous drivers which were signed with the certificate from Realtek Semiconductor Corp.  It is

(Windows) Shellshocked, Or Why Win32/Stuxnet Sux…

…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…

Microsoft Takes the Security out of Security Conferences

In May it was reported that IBM handed out some USB drives that were infected. A month later I spoke at a security conference that I will not name. I gave the AV (audio/visual) technician a USB key with my presentation on it to copy to the laptop they were using for the presentations. About

Marketing Misusing ESET’s Name

The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESET’s.

Keylogging taken seriously: Security upgrades in the new Hotmail

Microsoft Hotmail has a new feature: Out of Band Authentication via cell phone SMS Text. They call it ‘single-use codes’: Single-use codes This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a

Consecuencias de la Operación Aurora: ¿Google dejará de utilizar Microsoft?

Durante el día de ayer cientos de sitios web y redes sociales publicaron y comentaron una noticia que involucra a dos de las empresas tecnológicas más importantes del mundo: Google abandonaría Windows como Sistema Operativo. La noticia original fue la publicada por el Financial Times donde se afirma entre otras cosas (y en traducción libre):

Please do not change your password – The Boston Globe

I find it hard to not be shocked at a headline like this… Then I remembered the recent top cybercrime city survey conducted by one of our competing software vendors which had Boston ranked the SECOND HIGHEST risk city in the entire United States. I’m also not one to simply lie down and let cybercriminals

Vulnerabilidad 0-Day crítica en Microsoft Internet Explorer

Se ha descubierto que una nueva vulnerabilidad del tipo 0-day (identificada por MITRE como CVE-2010-0806) está circulando in-the-wild en Internet. Microsoft ha confirmado la vulnerabilidad 981374 y ha dicho que se encuentra trabajando en la solución. La vulnerabilidad hace uso de “use-after-free” (puntero de referencia inválida) en la librería iepeers.dll y afecta a las versiones

Patchwork for the Home and the Enterprise

SC Magazine's Dan Raywood reports that "To be completely patched requires an average of between 51 and 86 actions per year", quoting findings by Secunia that " in order for the typical home user to stay fully patched, an average of 75 patches from 22 different vendors need to be installed, requiring the user to

The Biggest Botnet in the World

You may have seen the news about the bot masters in Spain who were arrested. Defense Intelligence http://defintel.com/docs/Mariposa_Analysis.pdf dubbed this Mariposa botnet. It is claimed that this botnet had the power to perform much stronger attacks than what Estonia witnessed a couple of years ago.  Still, this botnet is dwarfed by the largest botnet in

Fake Conficker Alerts

Urban Schrott, IT Security & Cybercrime Analyst at ESET Ireland, reports seeing more e-mail pretending to be from Microsoft is circulating, "warning" computer users that "Conflicker" is again spreading rapidly. ESET's ThreatSense engine identifies the malware as Win32/Kryptik.CLU trojan, and running it would result in further malware infections. Here's an example Urban quotes of one

Microsoft y BMW utilizados para propagar Scam

En los últimos días hemos detectado amplia actividad en la propagación de ataques de scam, que particularmente utilizan los nombres de grandes marcas, como Microsoft y BMW, para engañar al usuario. En el caso de la empresa creadora de Windows, su nombre es utilizado para el envío de correos electrónicos indicando a los usuarios sobre

Falsos correos de Microsoft propagan malware

Esta semana han sido reportados distintos casos de propagación de malware con un factor común: la utilización de falsos correos de Microsoft como técnica de Ingeniería Social para llevar a cabo el ataque. A comienzos de semana, el blog de seguridad de ZDNet publicó el alerta sobre falsos correos de Microsoft, que alertaban a los

Fake Windows Update

[Update: I notice that at about the same time that I posted this, Sophos also flagged a blog reporting a somewhat similar fake update for Microsoft Outlook/Outlook Express (KB910721). The message is a lot different and links to a different site pretending to be Microsoft’s update site, but is clearly not to be trusted. So the

Falsas actualizaciones de Microsoft, infectan usuarios

En el día de la fecha hemos recibido una alta tasa de correos que simulan provenir de Microsoft y que mencionan una supuesta actualización de Live Messenger (correo en español) y otra de Windows (correo en inglés): En realidad lo que menciona el correo es falso ya que es fundamental conocer que Microsoft lanza sus

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

SSL: to certify web security is not to guarantee it

Hard on the heels of the translated blog by Sebastián Bortnik that I posted at the weekend comes news from the Register (http://www.theregister.co.uk/2009/10/05/fraudulent_paypay_certificate_published/) of a bogus Paypal SSL certificate released yesterday exploiting a bug in Microsoft’s crypto API that has remained unpatched for more than two months, when Moxie Marlinspike (can I have a handle

Exploit público para vulnerabilidad de Microsoft

El 8 de Septiembre Microsoft publicó al alerta de seguridad 975497, donde se describe una vulnerabilidad en el protocolo SMB (Server Message Block) de los sistemas Microsoft Windows. Las versiones afectadas son Windows Vista, Windows Server 2008 y Windows 7 RC. El parche aún no está disponible, y se espera que el mismo esté disponible

Crisis? What Crisis?

In the AV industry, we’re not unaccustomed to security scare stories met with a debunking response. For example, Peter Norton was quoted in 1988 in Insight as saying that computer viruses were an urban myth, like the alligators supposed to inhabit the sewers of New York. (He did change his mind around 1990 when he gave

ThreatSense.Net® Report for July

Our July ThreatSense.Net® report has been released today, and will eventually be available from the Threat Center page here. Most of the top ten entries are old friends: well, familiar names might be a better way of putting it. One of the disadvantages of having a scanner that makes heavy use of advanced heuristics is

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2015 ESET, All Rights Reserved.