Do I need to worry about state-sponsored threats like Regin?

Since the discovery of Stuxnet several years ago, there has been a parade of targeted malware that may have been created or sponsored by nation states. Does an average person or business really need to worry about these things?

Support Scams: we don’t really write all the viruses…

…and nor are we responsible for fake AV/scareware and (more recently) ransomware, though I did suggest in a paper I presented at EICAR a couple of years ago that the bad guys who do peddle that stuff are all too proficient at stealing our clothes, and that maybe some security companies were making it easier

Stuxnet: Wired but Unplugged

I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives

MS10-092 and Stuxnet

…among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet…

Fake Support: the War Drags On

After quite a few months of trying to raise public awareness of the problem of fake support cold-calling both here and elsewhere, it's good to see other vendors also starting to publicize the issue. I've previously cited an article by Symantec's Orla Cox that describes one exchange of civilities with one of the scammers, and

Stuxnet Unravelled…

…Eric Chien … tells us that “Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors…”

Stuxnet the Inscrutable

This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.

False Positives and Apportioning Blame

All this is potentially frightening and inconvenient (or worse) for a home user. And if it happens in a corporate environment, it can be very, very expensive to remedy. So while some of the public comments we see in the wake of such incidents may seem over the top, “FP rage” is certainly understandable.

Millennium Falcon: Crash & Burn Revisited

I originally posted this on the AVIEN blog site at http://avien.net/blog/?p=286, but in view of the increasing volume of "Y2.10k" date-related bug reports, I'll re-post it here with an updated list. (Thanks to Mikko Hypponen for posting a couple of links I hadn't seen.)

Windows Mobile/SMS bug (Welcome to 2016!)
http://www.theregister.co.uk/2010/01/05/windows_mobe_bug/
http://www.wmexperts.com/y2016-sms-bug

Bank Bugs:
http://www.theregister.co.uk/2010/01/04/bank_queensland/
http://www.msnbc.msn.com/id/34706092/ns/technology_and_science-security/?ocid=twitter

What a performance!

We came across an interesting test report at http://www.passmark.com/ftp/antivirus_10-performance-testing-ed2.pdf. Symantec commissioned a comparative performance test from Passmark. That is, a test measuring performance in terms of speed and resource usage rather than looking at detection rates. Not surprisingly, Symantec came out very well overall, and deserves congratulations for demonstrating how far it's gone in addressing

Fake Anti-Malware: Blurring the Boundaries

It won’t come as a surprise to regular readers of this blog that there’s a lot of fake/rogue anti-malware about (see http://www.eset.com/threat-center/blog/category/fake-anti-malware-fake-software). However, a report released at RSA Europe goes some way towards quantifying that threat, and has created something of a stir in the media. That’s to be expected: journalists tend to love facts and figures. Anti-malware

Signed Updates and Social Engineering

Someone raised an interesting point in a comment to yesterday’s blog about Symantec’s own PIFTS.EXE being flagged by their own firewall as a possible problem. Let me quote the comment in full. I by no means buy into the super root-kit routine, I do however think that there will be copy cats (if not already)


PSST! Anyone remember the Telephone party game, also known by various politically incorrect names like Chinese Whispers and Russian Scandal? A series of reports like this and this illustrate a textbook example of how rumour and misunderstanding (some of it probably wilful) can transform a story into something very different to its original form. According

Conficker Resurgent

It appears there are interesting developments in the Conficker/Downadup development front. Peter Coogan of Symantec describes here a variant that doesn’t appear to be interested in infecting new machines, rather more so in updating and protecting itself on systems already infected with previous variants. (And, yes, ESET’s ThreatSense technology does already detect it heuristically!) It seems to have

Copyright © 2014 ESET, All Rights Reserved.