ESET Research | WeLiveSecurity

Articles by author

Conficker Launches Cyber Attack Against Big Ben

In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against

Watch out for the Honda Accords

Why watch out for the Honda Accords? Well, automobile accidents are one of the leading causes of injury and death and Accords are very common cars. This sounds pretty silly, doesn’t it? I mean, wouldn’t it make sense to drive like any car is a potential threat and drive as best as you can to

Ask ESET

I have an email address, askeset@eset.com, that I use to field general security questions. I can’t use this for support questions or licensing questions, though. We have trained support people who do product support full time and these people have the most up-to-the-minute information required to support our products. For general security

Foil Conficker Get Rid of AutoRun

OK, this doesn’t actually foil Conficker, but it does block one of the attack vectors and prevents many other threats from automatically infecting your computer too. It is the longest standing un-patched Microsoft vulnerability and Microsoft calls it a “feature”. The idea of autorun is to attempt to make it so that a person can

Don’t Be An April Fool!

The highly publicized Conficker worm has a new version that is assumed to trigger on April 1st. There are a few steps you should take right now. First, back up any important data. This is just plain sound advice, regardless of viruses, worms, etc. A hard drive crash can destroy data. Make sure that the

There’s more to Jacques Tits Than Meets the Eye

My good friend Righard Zwienenberg received one of these emails claiming that Jacques Tits wanted to register his company’s name. You can read of his experiences at http://norman.com/Virus/Blog/righard_zwienenberg/56117/en-us. I just had a little fun with the scammers. Righard strung them along for a while. It is an interesting read complete with email exchanges. My emails

Arggghhh Google

So far, Google’s response to my blog has been identical to the response you get from abuse@blogspot.com, except without the delayed and failed delivery notifications. Yes, I actually did get a delayed delivery notification from the email I sent to abuse@blogspot.com, and then later a delivery failure. I suspect that from Google’s perspective there is

About The Domain Scam, etc.

A few days ago I posted a blog titled “The Tits Alternative”. As it turns out, I was not the only one to see this scam. Trefor Davies, the CTO at Timico, wrote a post about this also at http://www.trefor.net/tag/domain-names/. If you search for “Jacques tits” AND “Domain” you will find this scam has also

Google – The Pirate’s First Mate

When it comes to software piracy, it is hard to find a more complicit, competent, and friendlier ally than Google, assuming you are a pirate. Google owns the popular blogging site “Blogspot.com”. If you want to know how to illegally gain access to software, blogspot is probably one of the premier resources on the internet

The Tits Alternative

OK, I bet you think I am making this up, but this is real. The Tits alternative is a theorem by an award-winning Belgian mathematician named Jacques Tits. According to Wikipedia: “In mathematics, the Tits alternative, named for Jacques Tits, is an important theorem about the structure of finitely generated linear groups. It states

Introducing,,,

Perhaps this is a little relevant to some of our readers… We just released version 4 of ESET Antivirus (NOD32), and ESET Smart Security. If you have a valid license, then there is no charge for the upgrade. Take a look at http://www.eset.com/smartsecurity/ for the “What’s New” information. Randy Abrams, Director of Technical Education

Feeling Vulnerable?

This is a follow up to David Harley’s post “Targeted Excel Malware Revisited.” I know that for some people “exploiting a vulnerability” is no clearer than the US tax code, so I’ll try to make it a bit more understandable. A “vulnerability” simply means that there is a problem with a program. In this case

TomTom to Get Bit by Microsoft Again

I read this morning that Microsoft is going to sue the GPS maker TomTom for patent infringement. You might recall that TomTom sold a GPS with malware already installed on it. It wouldn’t have been much of a problem if it wasn’t for Microsoft technology. It is Microsoft’s security nightmare called “autorun” that made having

Securing the Perimeter

I recently had the fantastic opportunity to participate on a panel discussion concerning cyber security. The event was hosted by the Bellevue Chamber of Commerce and coordinated by the US Chamber of Commerce and the Department of Homeland Security. Last year the Bush administration launched the Comprehensive National Cyber security Initiative or CNCI. Although focused

The Least Agile Acrobat

Adobe Acrobat has a history of tripping over security and they do so, in part, because Adobe seems to be determined to prove that they cannot be forced to learn from history. Adobe has spent years trying to repeat the mistakes of Microsoft Office’s early macro fiasco by including JavaScript in Adobe Reader and then

A Little Extra Information

I recently started writing weekly tech tips for the San Diego Chamber of Commerce. If you are interested in these tips you can find them at http://www.sdchamber-members.org/TechTip.htm. Past tips are archived there as well. Randy Abrams, Director of Technical Education

The Oldest Un‑Patched Microsoft Vulnerability

It is the longest standing un-patched Microsoft vulnerability I know of, and Microsoft calls it a “feature”. Microsoft calls it “autorun”; I call it “auto-infect”. The idea of autorun is to attempt to make it so that a person can use a computer with a minimum amount of knowledge. This emphasis away from education is

That Wasn’t Your Sweetheart

Pierre Marc just posted about “Win32/Waledac for Valentine’s Day”. The fake greeting cards are an ongoing scam. As Pierre Marc indicated, this one is using polymorphism, which is a fancy way to say the malicious software disguises itself to look different each time someone encounters it. This is done to break signature based detection, which

More on HIPAA is not privacy

Back in January I blogged about a shortcoming of HIPAA. HIPAA legislation is, in part, supposed to help protect our privacy when dealing with health care providers. Unfortunately there is a hole in the legislation that you can fly a Boeing 747 through. Many of us have to log on to a web site to

Threat Trends In January

Here at ESET we have just released our Global ThreatTrends report for January 2009. Not surprisingly, at the top of the list is a family of programs that exploit Microsoft’s longest unpatched vulnerability. That’s right, Autorun.inf is an evil “feature” that should have been patched out of existence a long time ago. Since it is