A week ago the big malware news was the code known as Flame, Flamer, or sKyWIper (detected by ESET as Win32/Flamer.A), then on June 1, this news broke: "A damaging cyberattack against Iran’s nuclear program was the work of U.S. and Israeli experts and proceeded under the secret orders of President Obama." (Washington Post) Clearly,
DNSChanger, a piece of malware that re-routed vast swathes of Internet traffic through rogue DNS servers after users became infected, was shut down by the FBI late last year. But simply shutting down the servers altogether would have ‘broken’ many hundreds of thousands of computers still infected, rendering it difficult for them to get help via
Despite the confusion and the stampede to claim detection ownership, W32/Flamer is more than a media sensation.
The latest research on the Win32 Carberp gang and the technicalities and evolution of the malware, as presented at CARO 2012.
How serious can a malicious software infection be these days? Short answer = Very. The video below is a 16-minute answer to that question using pictures of what a malware infection looks like to the bad guy who manages to get a RAT installed on a victim machine. That’s R.A.T. for Remote Access Tool
I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was
At ESET, we spend a great deal of time researching the latest technologies and how they may be affected by frauds and scams. Sometimes these are “old fashioned” spam through email, or they may be programs like fake antivirus programs or ransomware. And we certainly have blogged extensively about PC support scams where the caller
AMTSO's discussions on its own new directions, and updates to its testing-related resources.
Like Facebook, Twitter wants to know which websites you visit and so it has a system for tracking you as you click from site to site, a fact that leads to a pair of interesting questions: “Did you know that?” and “Are you okay with that?” As we will see in a moment, this system
If the smartphones of ESET bloggers are any indication, scams executed via SMS text, known as smishing or SMS phishing, are on the rise. I don’t do a lot of texting, which makes a smish easy to spot on my phone, but I just read an amazing statistic from a Pew report: Users 18 to
A new conference paper discusses whether AMTSO has the credibility to achieve its aims of raising testing standards on its own.
Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook’s privacy tools to customize how much information is shared with third parties. That’s according to a Consumer Reports survey released earlier this month. Given that
When we relayed the FBI/IC3 warning to travelers about a threat involving hotel Internet service overseas last week it produced a lot of requests for advice on how to respond to the threat. So a few of us researchers at ESET came up with a list of data security tips for travelers. These tips will
We have just completed fresh analysis of the malicious software known as Win32/Festi. While the "Festi" botnet created with this malware has been in business since the autumn of 2009 we can see that the software is frequently updated, as described in our analysis, and these updates mean Festi continues to be a potent threat
We received a worrying notice today from the Internet Crime Complaint Center (IC3), which is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). The headline reads: "Malware Installed on Travelers' Laptops Through Software Updates on Hotel Internet Connections." We felt that the warning which followed the
A short comment piece on how Facebook memetic games could be used in a data aggregation attack.
Internet Storm Center is running a poll on Fake Tech Support Calls, also the topic of a paper for VB 2012.
The wave of new data technology making its way into the next generation of cars – ranging from vehicles which semi-autonomously drive themselves, to real-time data streaming onto heads-up displays – begs the question: will they be safe from cyber shenanigans, or will you have to deploy security software on your next (probably hybrid)
The consumer cloud expanded again this week with the addition of Google Drive to more familiar brands like Dropbox, Microsoft SkyDrive, Apple iCloud, and Amazon Cloud Drive. Unfortunately, most of these cloud-based file storage services come with privacy and security caveats, often involving language such as "You give us the right to access, retain, use
What do printed QR codes and NFC (Near Field Communication) chips have in common, besides storing instructions that computers can read? They are both hackable and their ability to store and communicate computer instructions is bound to be abused, if not already, then sometime soon. This happens to every new means of communication; QR and