Does the expression 'In the Wild' still mean anything today? Well yes, in the sense of something that is 'out there' threatening real-world systems. But things move a lot faster these days than they did in the 90s and later, fastburning mass-mailers notwithstanding. Just a few days ago (on the 30th of November, to be
Our friends (and competitors) at Sophos blogged about a new threat that poses as a Windows Update and then infects unsuspecting users with a fake antivirus product. The update appears to be very real and is tricking users. While my colleagues at Sophos offer excellent advice to help people protect themselves (as I believe we
Pierre-Marc and I reported a few days ago that we were seeing both new malware and older families starting to incorporate the same .LNK exploit used by Win32/Stuxnet. We also predicted that “…more malware operators will start using this exploit code in order to infect host systems and increase their revenues.” Well, that was a pretty safe bet.
Perhaps you're getting as tired of this thing as I am (though with the information still coming in, I'm not going to be finished with this issue for a good while, I suspect). But without wishing to hype, I figure it's worth adding links to some further resources. There's a very useful comment by Jake
ESET is not going to try to capitalize on McAfee's unfortunate false positive problem (and nor, I'm sure, is any other reputable vendor). Such problems can arise for any AV vendor: it's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections (someone please
(1) Websense, our neighbour in San Diego, has reported a fake anti-malware scam centred on Labor Day social engineering. The scam uses malicious SEO (Search Engine Optimization) techniques, sometimes referred to as index hijacking or SEO poisoning, to misdirect potential victims. When the victim uses Google to search for Labor Day sales (apparently these are very