Six months ago, Flashback was attracting a lot of attention from researchers and media due to its wide spread and interesting features. Since then, we have witnessed its operator abandoning control of the botnet by shutting down its latest command and control server. This happened in May this year. The number of infected systems has
There is very little research data on PIN prevalence available, so analysis of a new dataset of 4-digit passcodes can't be ignored.
Where to find more information about current trends in international ransomware design.
More on the Gaelic ransomware, and how to spot ransomware in your own language, even if you aren't Irish.
On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two-month-old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,
Nitol versus Michelangelo: the supply chain is much more than the production line.
Now that Facebook’s timeline feature is in the final stages of being rolled out to all users (including, finally, to my account), it is important that everyone understands how to use the feature and, most importantly, how to secure your identity and privacy in its new context. Timeline is quite a simple feature, introduced by
For years, cyber criminals have organized their operations and traded resources through discussion forums and auction sites. One popular item to trade is access to virus-infected PCs for cash. These trading schemes are often called pay-per-install (PPI) programs. We have recently started an investigation into a new type of pay-per-install program, this
Information about the August Global Threat Report and where to find other ESET resources
Well, that was a little unexpected. The Irish Times has reported the discovery of the “first Irish language virus”. (Further checking suggests that the story may have originated with the Donegal Daily.) Actually, it sounds less like a virus – there’s no indication of whether it self-replicates – than the kind of ransomware that we’ve
The odds against losing money may be better with cash machines than fruit machines, but why neglect simple, obvious precautions?
So, we read that one or more hackers claim to have gained access to Mitt Romney’s tax records, reported first in a Nashville paper, then in the tech/business press. The hack allegedly took place at the Franklin office of PriceWaterhouseCoopers just outside of Nashville, and PWC has alleged that no such thing happened. We have
If I sound confused it’s because I just saw my wife’s iPhone and iPad in a very strange place: a million-line spreadsheet of iOS device data that includes the unique identifiers of her devices and the names she had given them, published by a group of hackers who call themselves AntiSec. This group claims
AV companies obey the law and cooperate actively with law enforcement. That doesn't mean they turn a blind eye to government spyware.
We read that “FinFisher spyware made by U.K.-based Gamma Group can take control of a range of mobile devices, including Apple Inc.’s iPhone and Research in Motion Ltd.’s BlackBerry…”, at the opening of a Bloomberg article that several readers of the ESET blog sent us yesterday, along with a number of questions that boil down
Now is the time to disable Java in your web browser, or even remove it from your system if that is practical. Why? The bad guys are hard at work trying to exploit a zero day vulnerability in the latest version of Java (version 1.7, Update 6). This vulnerability is the subject of a US-CERT
Ahead of next week’s VMWorld in San Francisco, here are some thoughts on the safe use of cloud computing for smaller businesses, along with a podcast (see the link at end of the post). The Cloud concept, a flexible Virtual Machine (VM) based system that allows rapid expansion and dedicated functionality without hiring new staff,
More information about how tech support scammers have been using the Quervar/Dorifel outbreak to trick Netherlanders into giving them access to their systems and credit cards.
Ammyy is eager to disassociate its service from Indian tech support scammers misusing it, and has some good advice for victims and potential victims.
Carbon Black assert that if an AV company doesn't detect malware within six days of its being flagged on VirusTotal, it probably won't after a month. Is that as dangerous as it sounds?