ESET Threat Blog

I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current  thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was … Read More…

 In a recent blog I linked to my recent EICAR paper on AMTSO, but I also referred to an upcoming AMTSO workshop (last week in Munich, which explains the entirely gratuitous photograph taken at the Weihenstephan brewery) in which I anticipated a great deal of discussion about future directions.
Having returned a few days ago from … Read More…

Back in 2008, EICAR rejected a paper proposed by Andrew Lee and myself discussing the state of anti-malware testing and how it might be improved, on the grounds that it was “advertising” the fledgling AMTSO (Anti-Malware Testing Standards Organization) initiative. You can decide for yourselves whether that criticism was justified: the same paper was accepted … Read More…

The slides from an AMTSO-oriented presentation by Larry Bridwell and myself at this year's Virus Bulletin conference, on "'Daze of whine and neuroses (but testing is FINE)" are now available on the Virus Bulletin site are now available here (along with some other excellent presentations).
The paper on which the presentation is based is on the ESET white papers page, … Read More…

With the publication last year of Aryeh Goretsky's paper “Twenty years before the mouse,” a personal perspective on  the history of viruses and malware so far, I took the opportunity to try something a little different for this blog by announcing it here in an article in an interview format.  
Since people seemed to like it, we … Read More…

[Updated. Twice. ]
'Tis the season to get ready for the autumn round of security conferences. For me, it starts at the beginning of September with a small but perfectly formed Forensics conference at Canterbury Christ Church University, in the UK, where I'll be presenting on "Man, Myth, Malware and Multiscanning" – a presentation I'm … Read More…

It's been a busy few weeks. Last week I was in Krems, Austria for the EICAR conference. The week before, I was in Prague for the CARO workshop (where my colleagues Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov did a great presentation on "Cybercrime in Russia: Trends and issues" – more information on that shortly), … Read More…

I may have mentioned from time to time that ESET is a strong supporter of AMTSO (the Anti-Malware Testing Standards Organization), an international organization that promotes improved methodologies for testing security products.
Last week we held an AMTSO workshop in Prague. While there was some hard discussion around some topics that I'll come back to in … Read More…

The March Threatsense report at http://www.eset.com/us/resources/threat-trends/Global_Threat_Trends_March_2011.pdf includes, apart from the Top Ten threats:

a feature article on Japanese-disaster-related scamming by Urban Schrott and myself
news of the Infosec Europe expo in London on the 19th-21st April, the AMTSO and CARO workshops in Prague in May, and the EICAR Conference in Austria that follows
the story of a fake AV … Read More…

The February ThreatSense Report is now available from the ESET Threat Center. As well as the top ten threats reported globally by our ThreatSense.Net telemetry, it includes feature articles from Josep Albors and Urban Schrott, as well as some shorter news items:

From Russia with spam (Josep Albors)
Misplaced trust in trustworthy names? (Urban Schrott)
Nothing exceeds like … Read More…