Bio

ESET Research

ESET Research

Articles by author

Some People Just Don’t Get It

I read an article on the Newsweek Blog today http://blog.newsweek.com/blogs/techtonicshifts/archive/2009/12/22/antivirus-under-attack-from-polymorphic-threats-and-you.aspx In the blog the author states “Individuals and corporate users are storing less data on their hard drives and more in the cloud — remote servers, operated by giants like Google and Amazon. With less valuable data on individual PCs, the need for virus protection

The New Cyber Security Coordinator

Today it was announced that Howard Schmidt will become the Cyber Security Coordinator for the White House. First off, it’s about time the press stopped calling the position “Czar”. I met Howard Schmidt when he and I both worked at Microsoft. It was right after I had spent a little time teaching helpdesk how to

What Does The World Know About You?

Social networking sites have become living biographies of people and may set them up for social engineering attacks. From time to time I enjoy looking to see what I can find out about people who send question to me using the AskESET@eset.com address. I won’t ever name names, but I wanted to share one example.

PDF – Pretty Darned Fatal

Adobe PDF files were supposed to be a safe alternative to Microsoft Word documents in a time when Microsoft offered no effective protection against macro viruses and had virtually no security model in Office at all. Times change. Microsoft Word documents rarely spread macro viruses and have not for a long time if you are

Upgrade or Die

OK, it isn’t quite that dire, but if you are using Windows XP Service Pack 2, support for that version of the operating system will end in July 2010. If you plan to stay with Windows XP a while longer then it’s a good time to upgrade to service pack 3 if you have not

Que Sera Sera – A Buffet of Predictions for 2010

I was recently asked to share some predictions about what 2010 will bring in the security space. I asked some colleagues from ESET Research to share their thoughts as well -Randy Randy Abrams Director of Technical Education Social Engineering attacks will continue to grow in prevalence. As operating systems and eventually applications become more secure,

Don’t Let a Hacked Website Get You

In a recent article it was reported that more that 300,000 websites had been booby trapped. http://www.theregister.co.uk/2009/12/10/mass_web_attack/. The bad guys were able to compromise these websites and insert programs so that if you visit the web site it will try to infect your computer. You have no way of knowing if a web site has

Behavior Blockers, Immunizers, CRCs, and Active Monitors

I recently received a question at AskESET@eset.com that I thought would be of general interest, so I am answering it here. Could you tell me what the differences among Behavior Blocker, Immunizers, CRCs, and Active monitors? Thanks. A behavior blocker is a type of program that prevents certain actions from being taken. A behavior blocker

Drive‑by Downloads

I recently received a question at askeset@eset.com that I think maybe of interest to more than just the author. I read an interesting article written by Kaspersky Lab titled "Drive-by Downloads.  The Web Under Siege" and have a question I was hoping you could answer. (I have included a link to the article below.)  Are

Holiday Shopping Deadlines

In just a couple of weeks you will be out of time to shop online and have that gift delivered in time for the holiday. I expect that there will be a surge in phishing attacks designed to take advantage of the panic factor. You get an email that says something to the effect that

PayPal Admits to Phishing Users

Yes, it is true, I am not making this up. I do not believe that PayPal has stolen anything from users, but they have told me that their own email is phishing. Here’s what happened. I sent them one of their own legitimate emails and told them it was a bad idea to include a

The Perils of Craig’s List

Frankly, I am really amazed that Craig’s list has not been much more attacked. They must be doing something right. Still, the opportunities for social engineering attacks seem quite bountiful to me. So far the majority of scams I have heard about involve old fashioned attacks, like having someone send an item they sold after

PayPal Phishing

With the holiday purchasing season in full swing, expect to see a rise in PayPal phishing attacks. The bad guys know that there is a high likelihood of increased PayPal use. As we get closer to Christmas, the need for timely orders will increase. This will probably result in a lot more of the phishing

Whitelisting and the iPhone

The much reported/blogged iPhone worm does not affect all iPhones. Specifically it affects SOME iPhones that have been jailbroken. A significant part of the iPhone and iPod Touch security model is a technique called “whitelisting”. This is not new and is known to be a very effective security technology that can be used to prevent

Don’t be a Turkey!

Yes, the time is now here for Thanksgiving e-Cards. Before you click on a link to go get your eCard, make sure that your operating system is fully patched. Even if you use automatic updates, it’s a good idea to go to update.microsoft.com and make sure you’re fully patched. Next try out the Secunia vulnerability

Some Demographics of Cybercrime Risk

I wanted to share with you some more results from the cybercrime survey ESET commission and recently released. You can find the entire report at http://www.eset.com/company/CERC_Poll_2009_Oct.pdf. 57% of American computer owners now bank online, however the more money a person makes the more likely they are to bank online. 2/3rds of computer owners who earn

What if your Virusproof Computer Catches a Virus?

An Australian company claims to have launched a “virus-proof” computer. They even say “ A fast, easy to use, computer that never gets viruses, EVER !” and then on the same page say “In the rare event that you manage to catch a virus on your virus-proof computer, we will re-load both Zone 1 and

Is Cyber Monday the End of Shopping as We Know it?

Cyber Monday is the Monday that follows Thanksgiving in the USA. This is said to be the busiest online shopping day of the year. Does that mean that there is more risk of cybercrime? The answer is yes and no. There is more risk simply because more people are shopping online so malicious web pages,