The slow drip of revelations about Flame have kept this piece of malware in the news for more than two weeks so it is worth reminding people that most antivirus programs now protect against Flame (ESET products detect it as Win32/Flamer.A). The coverage of Flame was boosted last week by a conveniently-timed assist from leaks
ResearchExpert content, for researchers by researchers
With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics. In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem: How to guard
It's important to know the worst password choices, but also the worst choices for numeric passcodes.
This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard
We read in the New York Times that Google is rolling out a service that will attempt to alert users when it thinks their accounts might be subject to hacking by a government, hoping the user will take precautions after getting a notice that says “Warning: We believe state-sponsored attackers may be attempting to compromise
Aleksandr Matrosov and Eugene Rodionov presented their research into â€œSmartcard vulnerabilities in modern banking malwareâ€ at PHDays'2012.
Group-IB and ESET Russia assisted in the investigation that led to the arrest of 6 people suspected of stealing 125m roubles from bank customers in Russia .
A week ago the big malware news was the code known as Flame, Flamer, or sKyWIper (detected by ESET as Win32/Flamer.A), then on June 1, this news broke: "A damaging cyberattack against Iran’s nuclear program was the work of U.S. and Israeli experts and proceeded under the secret orders of President Obama." (Washington Post) Clearly,
DNSChanger, a piece of malware that re-routed vast swathes of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected–rendering it difficult for them to get help via
Despite the confusion and the stampede to claim detection ownership, W32/Flamer is more than a media sensation.
The latest research on the Win32 Carberp gang and the technicalities and evolution of the malware, as presented at CARO 2012.
How serious can a malicious software infection be these days? Short answer = Very. The video below is a 16 minute answer to that question using pictures of what a malware infection looks like to the bad guy who manages to get a RAT installed on a victim machine. That’s R.A.T. for Remote Access Tool
I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was
At ESET, we spend a great deal of time researching the latest technologies and how they may be affected by frauds and scams. Sometimes these are “old fashioned” spam through email, or they may be programs like fake antivirus programs or ransomware. And we certainly have blogged extensively about PC support scams where the caller
AMTSO's discussions on its own new directions, and updates to its testing-related resources.
Like Facebook, Twitter wants to know which websites you visit and so it has a system for tracking you as you click from site to site, a fact that leads to a pair of interesting questions: “Did you know that?” and “Are you okay with that?” As we will see in a moment, this system
If the smartphones of ESET bloggers are any indication, scams executed via SMS text, known as smishing or SMS phishing, are on the rise. I don’t do a lot of texting, which makes a smish easy to spot on my phone, but I just read an amazing statistic from a Pew report: Users 18 to
A new conference paper discusses whether AMTSO has the credibility to achieve its aims of raising testing standards on its own.
Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook’s privacy tools to customize how much information is shared with third parties. That’s according to a Consumer Reports survey released earlier this month. Given that
When we relayed the FBI/IC3 warning to travelers about a threat involving hotel Internet service overseas last week it produced a lot of requests for advice on how to respond to the threat. So a few of us researchers at ESET came up with a list of data security tips for travelers. These tips will