ESET Threat Blog

The Wall Street Journal recently ran an interesting article at http://online.wsj.com/article/SB125487044221969127.html.
Of note, was a quote from Los Angeles District Attorney Steve Cooley who said “These days, "practically every crime, from drug dealing to murder, involves digital evidence" .From the invention of the knife, to the gun, to the telephone and car, criminals have always used … Read More…

Recently there were reports of tens of thousands of hotmail passwords being posted on the web. In reality Hotmail, Gmail, Yahoo mail, and all email services are regularly being phished.
If you receive an email telling you to provide your password it is a phish. That is as simple as it gets. Never give out your … Read More…

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number … Read More…

Hard on the heels of the translated blog by Sebastián Bortnik that I posted at the weekend comes news from the Register (http://www.theregister.co.uk/2009/10/05/fraudulent_paypay_certificate_published/) of a bogus Paypal SSL certificate released yesterday exploiting a bug in Microsoft’s crypto API that has remained unpatched for more than two months, when Moxie Marlinspike (can I have a handle … Read More…

Some readers will be aware of my long-standing connection with the Anti-Virus Information Exchange Network (AVIEN) at http://www.avien.net (I hold the title of Chief Operations Officer there). AVIEN has now instigated a member’s blog at http://www.avien.net/blog, and I’ve put up a couple of blogs today on testing to help kick it off (Andrew Lee, my former … Read More…

The long awaited successor to Windows XP has been released? It’s Windows 7. What about Windows Vista? Well, to be frank, windows Vista is to the Windows family what DOS 4.0 was to the DOS family. For those of you who do not recall the DOS family line, DOS 4.0 was a bit of a … Read More…

Update, 19th October. I was recently contacted indirectly by Eddy Nigg of StartCom, who points out, quite rightly, that this issue is not specific to StartCom, nor a problem created by StartCom. He commented further in a comment to Dan Raywood’s article for SC Magazine arising from this blog entry, and I think it’s only … Read More…

jQuery(document).ready(function($) { window.setTimeout(‘loadLinkedin_1841()’,1000);window.setTimeout(‘loadFBLike_1841()’,1000);window.setTimeout(‘loadGoogle1_1841()’,1000);window.setTimeout(‘loadGBuzz_1841()’,1000);window.setTimeout(‘loadTwitter_1841()’,1000); }); function loadLinkedin_1841(){ jQuery(document).ready(function($) { $(‘.dd-linkedin-1841′).remove();$.getScript(‘http://platform.linkedin.com/in.js’); }); } function loadFBLike_1841(){ jQuery(document).ready(function($) { $(‘.dd-fblike-1841′).remove();$(‘.DD_FBLIKE_AJAX_1841′).attr(‘width’,’92′);$(‘.DD_FBLIKE_AJAX_1841′).attr(‘height’,’20′);$(‘.DD_FBLIKE_AJAX_1841′).attr(‘src’,'http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fblog.eset.com%2F2009%2F10%2F03%2Fvb-2009-another-view&locale=en_US&layout=button_count&action=like&width=92&height=20&colorscheme=light’); }); } function loadGoogle1_1841(){ jQuery(document).ready(function($) { $(‘.dd-google1-1841′).remove();$.getScript(‘https://apis.google.com/js/plusone.js’); }); } function loadGBuzz_1841(){ jQuery(document).ready(function($) { $(‘.dd-gbuzz-1841′).remove();$.getScript(‘http://www.google.com/buzz/api/button.js’); }); } function loadTwitter_1841(){ jQuery(document).ready(function($) { $(‘.dd-twitter-1841′).remove();$.getScript(‘http://platform.twitter.com/widgets.js’); }); }

Search engines are free, powerful and efficient tools. But the same tools can be used to exploit the unsuspecting visitor who trusts the search results. Malicious SEO (Search Engine Optimization) is one such tactic where criminals spread malware through infected websites and poisoned search results. (This is sometimes referred to as index hijacking or SEO … Read More…

"Now may I suggest some of the things we must do if we are to make the American dream a reality. First, I think all of us must develop a world perspective if we are to survive. The American dream will not become a reality devoid of the larger dream of brotherhood and peace and … Read More…