ESET Threat Blog

At ESET, we spend a great deal of time researching the latest technologies and how they may be affected by frauds and scams.  Sometimes these are "old fashioned" spam through email, or they may be programs like fake antivirus programs or ransomware. And we certainly have blogged extensively about PC support scams where the caller … Read More…

Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later, … Read More…

Do you use Google? These days the question sounds almost absurd. If you use the Internet, or an iPhone, or an Android phone, or a Kindle or an iPad, then of course you use Google in some shape or form. And if you take a keen interest in how your personal information is used, you … Read More…

In a recent survey of people in America who use their smartphone for work, less than a third said they employ the password protection on their smartphones. Although everyone will agree that not protecting your smartphone isn’t smart, it is all about memorizing. 
Everyone that has an Android-based device knows they do not have to remember … Read More…

This is a just a short post to make available the security awareness slides that I was using at the RSA Conference in San Francisco last week. Several people asked me for copies to use in their own awareness efforts and I am more than happy to oblige. I believe these slides can be effective … Read More…

Computer security is not created, nor is it improved, by calling people stupid. That's the conclusion I have arrived at after more than two decades in computer security and auditing. To put it another way, we should stop dropping the "S" bomb, especially when it comes to people who don't know any better.
Consider the phenomenon … Read More…

I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work.
Furthermore, as we improve endpoint security technology, the people … Read More…

A few years ago, from time to time I used to visit the school where my wife taught IT, to talk to some of their students about IT security. In fact, we wrote a paper at that time(along with my good friend Eddy Willems), based on some research data we gathered between us in the … Read More…

Awhile back we posted findings of a Harris poll showing public perception of Internet security, with some interesting results. This time we take a look at whether respondents perceive the Government and/or their schools have an implicit responsibility, or whether it lands squarely on their shoulders in the end (or should).
Both schools and government have … Read More…

Cybersecurity Awareness Month is rolling on and I wanted to share some updates, from a free cybersecurity webinar series to a one-day symposium and a YouTube video contest (with great prizes, of course). Now in its eighth year, Cybersecurity Awareness Month takes place every October in the U.S. and I think it's finally getting the … Read More…