Expert content, for researchers by researchers


AV Lingo, et al

A reader recently sent in a batch of questions that I thought might be of general interest.  I also invited other members of the Research team to chime in with their thoughts. Question 1- When it is critical to give a malware specific name? [David Harley answers…] For detection/remediation purposes, it isn't really necessary for

What Do You Get When You Fall In Love?

Let's consider the words of the song "I'll Never Fall In Love" by Burt Bacharach and Hal David: "What do you get when you kiss a girl? You get enough germs to catch pneumonia After you do, she'll never phone ya I'll never fall in love again" OK, it's confession time. I am single and

RSA, AMTSO, the Universe and Everything

There was an AMTSO (Anti-Malware Testing Standards Organization) panel session here at RSA, where Larry Bridwell, Righard Zwienenberg, Andreas Marx, Roel Schouwenberg and Neil Rubenking talked about AMTSO and what it does (and what it hopes to do). And I added to my list of qualifications for being involved with the organization: current vendor representative,

Greetings Austin!!!

After having launched the Securing Our eCity campaign in San Diego, ESET is taking cyber security education to Austin, Texas. ESET will be offering free educational seminars about cyber security in Austin. ESET recently commissioned a survey of 551 residents of Austin, Texas.  24% of the people interviewed reported that they or someone they

The Biggest Botnet in the World

You may have seen the news about the bot masters in Spain who were arrested. Defense Intelligence dubbed this the Mariposa botnet. It is claimed that this botnet had the power to perform much stronger attacks than what Estonia witnessed a couple of years ago.  Still, this botnet is dwarfed by the largest botnet in


Greetings, friends and fiends. I've been uncharacteristically quiet for the past couple of weeks, due to the AMTSO workshop last week in Santa Clara. There was, as usual, some lively discussion: though no papers were approved at the meeting, some are close enough to finished to be voted on shortly. (See also the AMTSO blog

RSA Highlight: Howard A. Schmidt

While RSA 2010 is in high-gear, I took some time out from meetings, speaking at our booth theater and catching up on threats, to listen to the recently-appointed  Cybersecurity Coordinator (Cyber-Czar) share his views on issues involving cybersecurity as well as his objectives and priorities.  The interview started off with an introduction which revealed a

More statistics on infections

Last year, we posted statistics collected through our online scanner logs. Below, you will find updated statistics on the number of infected hosts, malicious files and malware families found on infected systems. In general, the statistics we are seeing through our online scanner logs are consistent with our observation from last September.  We

Buzz, Privacy, Google, and You

A couple of weeks ago Google added Buzz to Gmail and in doing so exposed the contacts of many users without their knowledge. This created quite a stir and Google had to make some changes fairly quickly. I am quite interested in the thoughts of people concerning how Google launched Buzz and if it changed

Come See Us at RSA

If you’re going to be attending RSA in San Francisco next week, stop by our booth (#1751) and say hi! ESET bloggers Jeff Debrosse, David Harley, and I will be there.  Jeff and I will take turns presenting “Security’s Rosetta Stone: Translating security to human behavior”. You can also enter a drawing to win some

Too Many Chiefs and not Enough Indians

Ahhh that was a coworker’s favorite saying each time administrators would make idiotic decisions because they weren’t in the trenches to see the effects of their decisions. There is a result from the National Cyber Security Alliance survey that I find specifically interesting. First, let me preface this by saying the thing you learn most


The NCSA (National Cyber Security Alliance) just released the detail of a survey of educators and technologists concerning both cybersecurity and cyberethics education in the schools. Cyberethics is prevention. It attempts to decrease cybercrime by teaching that it really is still crime and not very nice.  Cybersecurity is teaching defense. If I covered the whole

Does Anyone Know WHOIS Out There?

A report was recently released which examined the accuracy of the information within the WHOIS system. WHOIS services are intended to provide free public access to information about the registrants of Internet domain names. This report was commissioned by ICANN, the body that oversees the allocation & registration of Internet domain names. Probably the most

New White Papers

Two new white papers have been posted on the white papers page: (1) "Ten Ways to Dodge CyberBullets" by David Harley Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made by celebrities, the 10 worst-dressed French poodles, the 10 most embarrassing political speeches and

Ten Ways to Dodge Cyber‑Bullets (Part 10)

[Part 10 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is also available shortly as a white paper.] Don’t be a Crackhead Don’t use cracked/pirated software. Such programs provide an easy avenue for introducing malware into (or exploiting weaknesses in) a

Ten Ways to Dodge Cyber‑Bullets (Part 9)

[Part 9 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is now available as a white paper.] Be Wireless, not Careless Don’t connect to just any “free Wi-Fi” access point: it might alter your DNS queries or be the “evil twin” of

Avoiding Conflict

Some of you may be aware that some users have recently encountered problems with one of Microsoft's security updates. Some users' systems would crash with a "Blue Screen Of Death" (BSOD) after installing Microsoft's latest batch of security updates. The problem has been narrowed down to the MS10-015 update. It seems that systems that have

The Google End Game

I came across an interesting side effect of Google forcing Gmail to be a social networking site. A young lady in middle school replied to a Buzz about what you think about Buzz. Her response? “I am just getting the hang of Buzz right now too. I don't really go on blogging websites since my

Class Action Lawsuit Filed Against Google for Buzz

This is not a surprise. Google made an egregious privacy error when they published people’s private contacts without consent.  In a recent blog entry at the official Gmail blog, Google claims to have rolled out the improvements they had promised. The feedback is that the improvements are not working and Google continues to