ESET Threat Blog

Fighting modern day piracy is something of a paradox; in an open system that allows freedom (good), scoundrels are also free to skulk around doing nasty things (bad). Various efforts have been made to pounce on evildoers, but it’s a game of whack-a-mole. When one has been thwarted, others pop up as variations on the … Read More…

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer … Read More…

I just came across a post from The H telling us that US government warns of potential Stuxnet variants. Of course, concern about the availability and possible portability of the code is hardly a new concern, but it turns out the article refers to a "Statement for the Record" to the (deep breath) United States House … Read More…

So you bought insurance against a data breach. With all the potential loopholes and variables, is it worth the cost for the coverage required to handle a real-world scenario? That’s a tender subject these days at Sony. In light of their recent breaches, soaring near an estimated $180 million, it seems their insurance provider, Zurich … Read More…

Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control … Read More…

The most common malware technique for avoiding detection is to create loads of “fresh” variants. Actually, the component that changes so frequently is the packer – the outer layer of the malware, used by malware authors to encrypt the malware and make it harder to detect – whilst the functionality of the malicious code inside … Read More…

Or so the latest report from DEBKAfile states, claiming the Stuxnet worm broke numerous Iranian centrifuges by forcing them to overspeed, causing damage and prompting the replacement of some 5,000-6,000 units. They cite “intelligence sources” as the source of information. Whether or not this will be confirmed, it seems malware authors clearly are targeting political … Read More…

With the proliferation of the data we hold on our mobile devices, it’s no wonder Neil Daswani, CTO of Dasient, says around 8% of the apps they tested have been leaking data. In a similar vein, he states, “The number of malware samples on mobile devices has doubled in the past two years.” Google … Read More…

You might think it strange, but the creation of viruses and malware isn't illegal in most jurisdictions. Most virus-writers have been prosecuted on secondary grounds such as unauthorized access or modification, malicious damage and so on. More recent malware authors, botmasters and such may also fall foul of similar issues, or other criminal activities such as fraud or … Read More…

2 days ago, the FBI announced a series of raids resulting in arrests of alleged members of the hacking group ‘Anonymous’. Hoping to deal a critical blow to the organization, they swept up more than a few potential members, and a tidy stash of computers to boot. So we’re done with ‘Anonymous’, right? Today, we … Read More…