ESET is seeing a new step of evolution for the Rovnix bootkit family.

…criminals are making use of the fact that Quicktime Player 7.6.6 allows movie files to trigger file downloads…the volume of reports picked up our ThreatSense.Net® telemetry suggests the likelihood of significant prevalence, though by no means an epidemic right now…

A reader recently sent in a batch of questions that I thought might be of general interest.  I also invited other members of the Research team to chime in with their thoughts. Question 1- When it is critical to give a malware specific name? [David Harley answers…] For detection/remediation purposes, it isn't really necessary for

[Part 10 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is also available shortly at http://www.eset.com/download/whitepapers.php as a white paper.] Don’t be a Crackhead Don’t use cracked/pirated software. Such programs provide an easy avenue for introducing malware into (or exploiting weaknesses in) a

I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet. On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was

There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information, but actually related to a Trojan commonly called Delf or Doneltart. ESET is detecting the examples we’ve been seeing as a variant of Win32/TrojanDownloader.Delf.OZG. The messages generally look something like this (at least,

Over the weekend our colleagues at ESET Latin America found that Slideshare was being used to spread malware. As they haven’t found much information on the web about this, Sebastián Bortnik blogged today about what they found. (Errors in translation and interpretation should be attributed to David Harley!) I’ve added some thoughts and some content

We’ve just finished working on our monthly Threat Report. There aren’t many surprises in the top ten threats for June. Conficker has taken over the "top spot", relegating INF/Autorun to second place. It’s difficult to say for sure what the significance is, given the relatively small percentage point involved: minor fluctuations in proportions from month