ESET Threat Blog

DroneBL, a site that tracks IP addresses that considered vulnerable to abuse that some sites use for its DNSBL (blocking list), blogged yesterday on the fact that it’s been subjected to a Distributed Denial of Service attack (DDoS), apparently by systems infected with malware going by the name of psyb0t.
According to the blog, this … Read More…

Well, Adobe are still not speaking to me: I’ve had no information about updates to address the recent Acrobat vulnerability/exploits to either of the addresses I subscribed to its Security Notification Service. (See PPPS below.)
However, something positive is happening out there in the old clay homestead: updates have arrived for a machine on which I … Read More…

Virus Bulletin have announced the results of a trial run of its new anti-spam product testing, where one product scored platinum, two scored gold, and two scored silver, based on their average scores in the test.
However, you won’t actually get to know which products they were on this occasion: quite rightly, VB has anonymised the results … Read More…

[Updated after further investigation.]
For the past few days, I’ve been seeing spam to one of my accounts offering me various bits of software. Nothing unusual about that, of course, but this one was better constructed than usual, and consistent, and I made a mental note to look more closely when I’m a little less busy. … Read More…

Further to our previous blog about the use of TinyURL to obscure malicious links, a family member drew my attention to a problem she was having with the TinyURL site. Every time she tried to access a TinyURL link, she got a page advertising security products. (She was using their free firewall.) It turned out, though, that this … Read More…

The Tech Herald have brought it to our attention that Comodo, a security company who include an antivirus product in their range, have backed the BBC’s action in buying and exploiting a botnet for the Click programme’s story. This is clearly swimming against the tide – virtually all the mainstream anti-malware companies who’ve commented have … Read More…

My good friend Righard Zwienenberg received one of these emails claiming that Jacques Tits wanted to register his company’s name. You can read of his experiences at http://norman.com/Virus/Blog/righard_zwienenberg/56117/en-us.
I just had a little fun with the scammers. Righard strung them along for a while. It is an interesting read complete with email exchanges. My emails were … Read More…

So far, Google’s response to my blog has been identical to the response you get from abuse@blogspot.com, except without the delayed and failed delivery notifications. Yes, I actually did get a delayed delivery notification from the email I sent to abuse@blogspot.com, and then later a delivery failure. I suspect that from Google’s perspective there is … Read More…

A few Days ago I posted a blog titled “The Tits Alternative”. As it turns out, I was not the only one to see this scam. Trefor Davies, the CTO at Timico wrote a post about this also at http://www.trefor.net/tag/domain-names/
If you search for “Jacques tits” AND “Domain” you will find this scam has also … Read More…

There was a comment posted today on an article on the SC Magazine site from someone who seemed to think we were talking up an obsolete exploit. He seems to have been thinking about this one: "Microsoft Security Bulletin MS08-014 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)". (Which fixes this issue, … Read More…