Malicious Apache module used for content injection: Linux/Chapro.A
More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, we were understandably concerned.
Research
A Load of (Red) Bull
A hoax/chain message claiming that a well-known energy drink poses a serious threat to health, is now spreading on Facebook.
Securing Your Holiday Tech Gifts, Part 1: Windows PC Guide
[UPDATE #1: (21 Dec 2012, 5:30PM) ESET Researcher Cameron Camp has just published the second part of this series on securing your Android device. Read it here on the ESET Threat Blog at Securing Your Holiday Tech Gifts, Part 2: Android Guide. AG] December is upon us, and whether you have a Christmas tree, menorah,
Advanced Heuristics
When something in your vicinity happens, you know right away if it is good or right. When the traffic light on a busy road is red, you know not to cross and when it is green you can cross, but still be looking around to see if it is safe. With different instances that are
Trends for 2013: astounding growth of mobile malware
In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: “Trends for 2013: astounding growth of mobile
Are your USB flash drives an infectious malware delivery system?
USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash
Diamonds are forever, and so are investment scams
Tempted to invest in colour diamonds or collectible bottles of wine? That irresistible offer could be a boiler room scam.
Maryam Abacha rides again: yes, Virginia, there IS a Sani‑ty Clause!*
419 (Advance Fee Fraud) scams aren't amusing to the victim, but the chutzpah of a dictator's wife claiming her $700m Swiss bankroll back is worth a chortle.
My Little Pronny: Autorun worms continue to turn
Malware activity exploiting Autorun on Windows computers has been generating quite a few calls to ESET support lines lately, reminding us that old infection techniques seldom die and USB flash drives can still be an effective means of getting malicious code onto a computer. USB drives can be used to infect computers that automatically execute
Why Anti‑Virus is not a waste of money
It has happened before, it just happened again and it will happen in the future. It is inevitable! Some company that needs to get some press coverage or public visibility will release yet another statement on how worthless Anti-Virus is, based on its own dysfunctional test. For this “test”, they used the VirusTotal service. VirusTotal
Password handling: challenges, costs, and current behavior (now with infographic)
Online passwords are a pain, and not just when you have to type them to access your online bank account or shop at your favorite digital emporium. Password pain extends to the people who have to manage them. A few weeks ago we shared some initial findings from a recent poll of 2,129 U.S. adults
Spying on Tibetan sympathisers and activists: Double Dockster*
Does the expression 'In the Wild' still mean anything today? Well yes, in the sense of something that is 'out there' threatening real-world systems. But things move a lot faster these days than they did in the 90s and later, fastburning mass-mailers notwithstanding. Just a few days ago (on the 30th of November, to be
Online Shopping and a Phishing Pheeding Phrenzy [3]
A shortened and updated version of the advice that David Harley and Andrew Lee gave to potential phish victims in an earlier paper. Part 3 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
Online Shopping and a Phishing Pheeding Phrenzy [2]
Phishing scams and online shopping. Part 2 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
Online Shopping and a Phishing Pheeding Phrenzy
Basics of phishing. Part 1 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
PC Support Scams: a Forensic View
A paper for the Cybercrime Forensics Education and Training Conference looking at forensic issues that arose during our research into Tech Support Scams.
Brutalized! South Carolina breach exposes data security woes at State level
Brutalize? Yes, that’s what the Governor of South Carolina wants to do to the person who breached security at the South Carolina Department of Revenue (SCDOR) and exposed Social Security Numbers and other information pertaining to 3.6 million people, as well as 387,000 credit and debit card records. Speaking to the press on Friday, Gov.
Telephone Scams: it’s not all about PC support
Recently, I've been hearing about and receiving phone calls from people with Indian accents about something a little different from the classic your PC is virus-infected but you can pay me to get it fixed' support scam.
W8ing for V6: What ESET has in store for Windows 8 Users
[UPDATE: 10/23/2012, 3:00PM — Testing agency AV-Comparatives has reviewed both ESET NOD32 Antivirus and ESET Smart Security for Windows 8 compatibility. I have updated the blog post below. AG] The release of Windows 8 is this week and interest remains high in Microsoft’s new flagship operating system. We have already taken a
Olmasco bootkit: next circle of TDL4 evolution (or not?)
Analysis of the Olmasco bootkit: a TDL4 variation with an interesting approach to dropper technology