ESET Threat Blog

I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work.
Furthermore, as we improve endpoint security technology, the people … Read More…

Here are some recently released podcasts by ESET Rearchers, addressing current topics such as the recent VeriSign hacks, the takedown of MegaUpload, and the problems with using good malware to catch the bad guys:
1. VeriSign, Credit Card Processor, Hacked Multiple Times
2. Mega Upload Website Shutdown by U.S. Department of Justice
3. Is The Stop Online Piracy … Read More…

Scam artists and cybercriminals are looking to turn romance into profit now that Valentine's Day approaches, possibly taking over your computer in the process. According to ESET researchers in Latin America, we can expect the quest for love to be leveraged as an effective social engineering ploy to enable the bad guys to infect unsuspecting … Read More…

A few years ago, from time to time I used to visit the school where my wife taught IT, to talk to some of their students about IT security. In fact, we wrote a paper at that time(along with my good friend Eddy Willems), based on some research data we gathered between us in the … Read More…

In response to recent reports that malicious apps may have made their way into the official Android Market, Google has responded by announcing a new program to more proactively scan the Market and developer accounts for seemingly malicious apps and highlights and/or remove them before users experience trouble.
Traditionally, the barriers of entry for developers in … Read More…

Update: Mila's own blog on the topic is now available here. Other vendors may find the MD5 useful:   A1B3E59AE17BA6F940AFAF86485E5907. However, Mila reports that detection of the sample is already improving.
Update 2: just to clarify, Aleksandr and Eugene should get the credit for the analysis, as is usual with our collaborations. I'm just the scribe/editor … Read More…

As legislators grapple with increasingly vocal smartphone owners concerned with privacy, a new Bill before the U.S. House of Representatives aims to require mandatory consumer consent prior to allowing the collection or transfer of data on such devices.
You may recall that a company called CarrierIQ recently became the center of attention after a user found … Read More…

Privacy and security issues have generated a lot of criticism of Facebook in the past, some of which has been published here on the ESET Threat Blog. So it is only fair that we give Facebook credit for positive steps it has taken on the security front. One security measure that has impressed me recently … Read More…

Aleksandr Matrosov, one of my colleagues in Moscow, writes:
This month we discovered some new facts relating to Win32/Carberp trojan activity. We have spent a lot of time writing about Carberp already, but interesting information is still coming to light. The first interesting information to attract our attention recently concerned stealing money from Facebook users. Before … Read More…

Awhile back we noted a case where Ramona Fricosu, a woman accused of involvement in a mortgage scam, was asked, following a law enforcement raid in which her laptop was seized, to decrypt data on the device for use as evidence, potentially incriminating her. She pleaded the 5th Amendment protection against self-incrimination and refused to … Read More…