White Papers

86 reports

Windows 10 patching process may leave enterprises vulnerable to zero-day attacks

Microsoft recently announced its new patch roll-out strategy for the latest incarnation of the Windows operating system. Aryeh Goretsky considers how the Windows 10 patching process might affect both the enterprise and the home user. Goretsky, A. Windows 10 patching process may leave enterprises vulnerable to zero-day attacks, March 2015, Virus Bulletin. Copyright is held by Virus Bulletin Ltd, but is made available on this site for personal use free of charge by permission of Virus Bulletin.


Windows Exploitation in 2014

A new version of our earlier report on major trends in Windows exploitation and mitigation for 2014.


TorrentLocker: Ransomware in a country near you

In late 2013, the CryptoLocker ransomware gained a lot of attention. It was hit by Operation Tovar mid-2014. Although they share many similarities, TorrentLocker is a different threat.


Lemming Aid and Kool Aid: Helping the Community to help itself through Education

This paper, presented at the 2014 AVAR conference, looks at the difficulties and possibilities of implementing cooperative initiatives for teaching computer hygiene in a complex 21st-century threatscape.


Hesperbot – A New, Advanced Banking Trojan in the Wild

A new and effective banking trojan has been discovered targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. It uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.


Six Months with Windows 8

A look at Windows 8 during the first six months of its release. Just how well is it holding up, security-wise? It also covers the challenges faced by developers in securing Modern Windows and how piracy in the Windows Store might affect BYOD rollouts in the enterprise.


Advanced Evasion Techniques by Win32/Gapz

A presentation from the CARO workshop in May 2013, looking at the technology that makes Win32/Gapz arguably the most complex bootkit to date.


Boxer SMS Trojan

Analysis of an SMS Trojan found on Android smartphones that is capable of executing SMS premium rate scams in a wide range of countries. ESET researchers in Latin America combine code inspection with investigation of consumer forums to reveal the first threat of its kind targeting Latin American countries, but with implications that are global.


‘PokerAgent’

The ‘PokerAgent’ botnet, which we tracked in 2012, was designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats, presumably with the intention to mug the victims. The threat was mostly active in Israel.