I received a couple of questions from a reader about cleaning files. I thought the topic might be of interest to more than the reader, so I decided to post and answer the questions here, as well as providing a bit more information. The first question is: When an AV cleans an infected file, why
R.I.P. IE6 Targeted and sophisticated attacks against Google, Adobe, and Juniper used an unpatched vulnerability in Internet Explorer to breach computers. These incidents are receiving a lot of attention from the media much due to the size and notability of the companies affected. France, Germany and now Australia have issued guidelines and urged users to
Apple has released its first patches of 2010 and if you are running Snow Leopard I recommend you apply the patches. Apple users have the distinct advantage of Windows users of predominantly being ignored. Despite the fact that playing a malformed audio file can cause arbitrary code execution (which means your Mac is vulnerable to
There is a vulnerability in Internet Explorer that Microsoft will patch tomorrow. Normally Microsoft releases patches on the second Tuesday of each month, but in the case Microsoft is making the patch available much sooner. The most probable reason for the “out of band” patch is that this vulnerability received a ton of attention as
Jeff Debrosse, ESET's Senior Director of Research, has published some further resources on his personal blog at http://jeffdebrosse.wordpress.com/2010/01/15/haiti-info-and-update/ (help resources and security resources). As he explains there, Jeff is personally and emotionally closer to this tragedy than most of us, and I hope that his family all turn up safe and sound. I've also received pointers to
SC Magazine recently reported a malicious application in Google’s Android online market store http://www.scmagazineus.com/malicious-apps-found-in-googles-android-online-store/article/161001/. Due to the highly open nature of Android applications, this is going to probably be a huge problem. Here is the real irony. Many people will probably switch from Android to the iPhone because of the security concerns. Why is it
Update: more resources I picked up on a security list just now (I'm drowning in email here!) Apologies for any duplication. Update 2: more additions below. @imaguid pointed out in a microblog that there's a pattern to the use of social engineering around disasters like the Haiti earthquake: "first comes the tragedy, then malware purveyors exploiting the
[Part 4 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Good Password Practice Use different passwords for your computer and on-line services. Also, it’s good practice to change passwords on a regular basis
You may have seen the news that Facebook is teaming up with McAfee to improve security. Frankly, providing users with McAfee’s product is not likely to do much in terms of improving security. Facebook users all over the world have access to free and paid solutions, so this isn’t likely to make a big difference.
In this day of high tech international data theft, sometimes we forget that all of the old school attacks are still out there. There was a stark reminder reported by Apple Insider. Apple purchasers may be at more risk because of the high dollar value of Apple computers compared to PCs. If I go to
It doesn't surprise me when someone says, like David Einstein of the San Francisco Chronicle, that there's no need for a Mac user to run anti-virus software. Though the most usual reason I see given is that there aren't any Mac viruses. (There are, but nowadays the main reason to run anti-malware on any platform
I just noticed a blog on "Security vendor’s “top-threat” list proof for their less-than-perfect performance?" at http://hype-free.blogspot.com/2010/01/security-vendors-top-threat-list-proof.html. The essential point seems to be that periodic virus detection statistics (like our monthly ThreatSense reports) are likely to be based in part on infections spotted on a protected machine when a signature/update is released that wasn't available
You might have noticed that there are certain issues that press my buttons: the Beeb's botnet, Mac myopia, using Virus Total as a substitute for comparative detection testing. And malware naming, an issue on which I've blogged several times recently. http://www.eset.com/threat-center/blog/2010/01/09/today-we-have-naming-of-err-malware-1 http://avien.net/blog/?p=121 The estimable Kurt Wismer has taken me to task – well, Tom Kelchner
You may have gathered from some of the blogs published here last year that i'm not biggest fan of the BBC's "Click" programme. I regard the Beeb's forays into buying botnets and stolen credit card details and making active use of them as at best naive. I agree that people need to be aware of such issues,
We're now getting into preparations for the next meeting of AMTSO (Anti-Malware Testing Standards Organization), on 25th-26th February in Santa Clara. In the meantime, I wrote an article for Virus Bulletin called "AMTSOlutely Fabulous" about "the story so far". It's just appeared in the January edition of the magazine. Of course, it's only available to subscribers
Sunbelt have responded to an article in Infosecurity about what I described way back in the early 90s (when putting together the alt.comp.virus FAQ) as the “thorny issue of malware naming”. Well, I’ve been banging the drum about educating users and pretty much everyone else away from the concept that malware naming is useful for quite
The Register reports that "Home Secretary Alan Johnson has confirmed that the National Identity Register contains National Insurance numbers and answers to 'shared secrets'." See: http://www.theregister.co.uk/2010/01/07/id_register_includes_ni_numbers/ Johnson was responding to a parliamentary question about "what information will be held on the National Identity Register which is not held on the UK Passport Database." Inevitably, there
I recently got a new MacBook Pro and set up Windows 7 and ESET Smart Security on it. This morning when I started the computer ESET Smart Security notified me that my operating system wasn’t up to date. This was a bit of a surprise because I updated everything when I installed the operating system.
As our December ThreatSense report (now available at http://www.eset.com/threat-center/threat_trends/Global_Threat_Trends_December_2009.pdf) was not only the last of the year but the last of the decade, it's rather longer and more detailed than usual, including a look back at the last 12 months. I suppose we could have gone back over the whole decade, but I have to
I recently received a couple of questions about malvertising in my askeset@eset.com. AskESET@eset.com is used only to field general security questions, I cannot and do not offer product support. Malvertising is a multi-compound word. Mal, in this case is short for malware, which means malicious software. “vertising” is the advertising portion of the word, so
