Archive for the 'Blackhole' Category
Andrew Lee just drew my attention to a poll carried out by an IT magazine in the UK, asking the question ‘Do you think it's necessary to use paid-for anti-virus software to effectively protect your PC?’ Clearly this is a question that a lot of people ask, but the answer is more complicated than you … Read More…
This week Blackhole has been updated to version 1.2.3 and includes a new exploit for the Java CVE-2012-0507 vulnerability, which ESET calls Java/Exploit.CVE-2012-0507. Earlier this week information was published about the Blackhole update by French malware researcher Xylitol and last week Microsoft shared information about an interesting way of breaching the JRE (Java Runtime Environment) … Read More…
[More research from our colleagues in Russia]
In the beginning of February we found a new modification of our “old friend” Win32/Rovnix (the dropper detected as Win32/Rovnix.B trojan), which is the first bootkit using VBR (Volume Boot Record) infection. An interesting fact is that Rovnix bootkit components were used in Win32/Carberp, the most widely spread banking … Read More…
This article was written in collaboration with my colleague Jean-Ian Boutin.
The Wigon botnet (also known as Cutwail) is being used in a massive spam campaign. A multitude of ruses are used to get the user to click on a link: fake LinkedIn or Facebook notifications, free Windows licenses, fake deliveries etc. The links are pointing … Read More…
- David Harley (740)
- Randy Abrams (431)
- Cameron Camp (111)
- Stephen Cobb (62)
- ESET Research (56)
- Pierre-Marc Bureau (51)
- Aryeh Goretsky (31)
- Andrew Lee (15)
- Robert Lipovsky (12)
- Jeff Debrosse (12)
- Paul Laudanski (11)
- Sebastian Bortnik (8)
- Dan Clark (6)
- Righard Zwienenberg (6)
- Sébastien Duquette (5)
- Peter Stancik (4)
- Alexis Dorais-Joncas (3)
- Tasneem Patanwala (3)
- Aleksandr Matrosov (2)
RSS
