ESET Threat Blog

Archive for December, 2008

by David Harley Senior Research Fellow
December 31, 2008 at 1:08 pm

Further to Pierre-Marc’s post on the 25th December about the resemblances between Waledac and Storm, I notice that Steven Adair of Shadowserver has been blogging some very nice notes on much the same topic. Well worth a look.
David Harley

Comments
0

by David Harley Senior Research Fellow
December 31, 2008 at 10:02 am

Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Certification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value). … Read More…

Comments
0

by David Harley Senior Research Fellow
January 17, 2009 at 12:42 pm

Here’s the second instalment of the "ten ways to dodge cyberbullets" that I promised you.
Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product update sections on their web sites.
This point is particularly relevant right now, given the escalating volumes of Conficker that we’re seeing … Read More…

Comments
0

by Randy Abrams
January 1, 2009 at 7:40 am

We’re closing in on the end of 2008 and about to start 7D9, or 2009 for those who do not speak hex. I thought it might be a good time to remind you to change your passwords. There are some important things to remember about passwords. Despite the IT policies that are prevalent throughout the … Read More…

Comments
1

by David Harley Senior Research Fellow
December 30, 2008 at 3:35 am

It’s that time of year when everyone wants a top ten: the top ten most stupid remarks made by celebrities, the ten worst-dressed French poodles, the ten most embarrassing political speeches, and so on. Our research team came up with a few rather more serious ideas, most of which are considered at some length in our about-to-be-published … Read More…

Comments
0

by David Harley Senior Research Fellow
January 4, 2009 at 12:05 pm

Well, not so much about punishment, but I’m sitting in the lounge with Andrew Davies’s version of Dr. Zhivago in the background, so I’m in a Russian mood…
My colleague Jeff Debrosse, Director of Research in our San Diego office, drew my attention to the latest FBI challenge at http://www.fbi.gov/page2/dec08/code_122908.html. Like many people in this business, … Read More…

Comments
0

by David Harley Senior Research Fellow
December 30, 2008 at 3:22 am

I’ve just picked up a comment to a previous blog that pointed to what I presumed to be a malicious URL. We’re grateful for all such information, but for obvious reasons, we won’t approve comments that point to malicious code!
You can find information in our knowledgebase here about how to forward malware samples or false … Read More…

Comments
0

by David Harley Senior Research Fellow
December 30, 2008 at 3:24 am

This is a sad item for Christmas Day morning. Castlecops have been making considerable efforts to fight crime on the Internet in many areas (surviving many an attack from the bad guys in the process) for a long time, but seem to have suspended the service on 23rd December. I hope there’s nothing more sinister … Read More…

Comments
0

by Pierre-Marc Bureau Senior Malware Researcher
January 1, 2009 at 9:35 am

Yesterday, we started to receive reports of emails pretending to carry links to holiday cards.  These emails contain a link that points to a file named ecard.exe.  Of course, this executable is not a seasonal holiday card but malware.  The reason this wave of malware has attracted our attention is that it is very similar … Read More…

Comments
3

by David Harley Senior Research Fellow
December 20, 2008 at 6:05 am

I promised you some more thoughts on the AVAR conference. Randy Abrams and I put together a paper on user education for the conference (it should be up on our White Papers page quite soon) about the argument between the two main camps in security thinking on the topic. You could sum it up as … Read More…

Comments
0
