tag
Windows 7

Falla de seguridad en Viber: información sin cifrado en sus servidores

Investigadores han descubierto una falla de seguridad en el modo en que Viber, la popular aplicación de mensajería instantánea y llamadas, recibe imágenes, doodles y videos, así como también la forma en la que envía o recibe información de ubicación geográfica. También se ha detectado que Viber almacena información sin cifrado en sus servidores, y

Time to Move On From Windows XP

Windows XP comes to an end of sorts on April 8, 2014. After this, Microsoft will cease providing security updates or support for this venerable operating system. ESET discusses implications and resources.

Pwn2Own: Premiando la seguridad

Es muy común escuchar acerca de conferencias de seguridad, al igual que del descubrimiento de nuevas vulnerabilidades o vectores de ataques…pero ¿qué si se combinan ambos en una competencia para aumentar la seguridad? Bueno, esto es lo que sucede en Pwn2Own, una competencia iniciada por el equipo de Zero Day Initiative de TippingPoint DVLabs que

Linux y Windows: unidos por el Autorun

Para los lectores frecuentes del blog, o aquellos que lidien día a día con casos de soporte técnico, con seguridad conocerán si les hablo del archivo autorun.inf. Este, alojado en la carpeta raíz de dispositivos extraíbles, es uno de los vectores de ataque más utilizados por los creadores de malware, para propagar sus amenazas por

That’s One Small Step for Windows…

And a giant step for users! While working on a blog soon to follow this I discovered a behavior in Windows 7 that Microsoft has changed to make a small, but meaningful improvement in security. For decades the bane of IT professionals has been users who double click on anything they can. This has lead

Autorun and Windows 7

Autorun and Windows 7. Long time readers know that I think autorun was Microsoft’s longest unpatched vulnerability. For Windows 7 Microsoft has made some serious improvements, but for older versions of Windows Microsoft has ignored the obvious vulnerability and only offered the patch as an optional download instead of making it a critical update, as

End of Year, End of Decade

As our December ThreatSense report (now available at http://www.eset.com/threat-center/threat_trends/Global_Threat_Trends_December_2009.pdf) was not only the last of the year but the last of the decade, it's rather longer and more detailed than usual, including a look back at the last 12 months. I suppose we could have gone back over the whole decade, but I have to

Ten Ways to Dodge Cyber-Bullets (Part 2)

[Part 2 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Catch the Patch Batch Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product

Ten Ways to Dodge Cyber-Bullets (Part 1)

OK, so I lied about not doing a top ten. Twice. For a paper that's going through the publication process at the moment, I revisited some of the ideas that our research team at ESET LLC came up with this time last year for a top ten things that people can do to protect themselves

Vulnerabilidad 0-day para Windows 7

A pocos días del lanzamiento definitivo de Windows 7, aparece la primer vulnerabilidad 0-day para este sistema operativo. Se trata del descubrimiento por parte de un tercero de un error en el protocolo SMB (Server Message Block) que puede generar una denegación de servicio en el sistema remoto, congelando la pantalla, el mouse y el

iPhone Hack Tool: a Postscript

Update: there's more information on the Windows 7 exploit mentioned below in a Register article at http://reg.cx/1FcX. Update 2: I keep seeing references to this as a virus or worm. However, the code I've seen does not contain any self-replicative functionality. It's not even a Trojan, as such. Following an extract from one of my

Windows 7 Security

The long awaited successor to Windows XP has been released? It’s Windows 7. What about Windows Vista? Well, to be frank, windows Vista is to the Windows family what DOS 4.0 was to the DOS family. For those of you who do not recall the DOS family line, DOS 4.0 was a bit of a

SMB2 0-Day update

Microsoft’s advisory on the SMB driver issue is now available. As expected, it includes some comments on mitigation, but they’re rather fluffy. It advocates "Firewall best practices and standard default firewall configurations", which "can help protect networks from attacks that originate outside the enterprise perimeter,"  and suggests exposing a "minimal number of ports". Well, duh… I’d expect any firewall

SMB2 zero-day

Some traffic has crossed my radar concerning a 0-day exploit that apparently enables a remote attacker to crash a Vista or Windows 7 system with SMB enabled (and according to subsequent reports, Server 2008). The original post and exploit are claimed to demonstrate the possibility of a Blue Screen Of Death (BSOD) and (normally) an automatic reboot when

Reporte de amenazas de mayo

Los problemas de infección por gripe porcina no sólo se limitan a la vida social de las personas sino que también captó la atención en los internautas para infectar sus equipos a través de Ingeniería Social. Sin lugar a dudas, mayo se caracterizó por este y otros temas en materia de malware, que a continuación

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
24 Apr 2014
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.