ESET Threat Blog

Well, okay, if you happen to be an extremely fast reader. The Association of Anti Virus Asia Researcher’s (AVAR) 14th AVAR Conference just wrapped up in Hong Kong on Friday. This year, the focus was on security issues in and around the emerging Asian security market, and how to rise to the challenge. As one … Read More…

According to a report from the New Zealand Herald, the US government is formally requesting China release more details on its censorship activities. The action, being pursued under World Trade Organization rules, is purportedly aimed at leveling the playing field of foreign websites trying to compete in China.
The idea is that if the US can … Read More…

I've been seeing a lot of wordage today about Dmitry Alperovitch's Shady Rat report, ranging from "Wow! Who knew?!" to "Nothing new here." Or, as Paul Wagenseil puts it, Don’t Believe the Hype: 'Operation Shady RAT' Is Nothing New. Well, "hype" is way too strong. There's some interesting stuff in the report. However, it's not startlingly … Read More…

[Update: the Washington Post article to which "A Dude" refers in his comment is here.]
Back in 2009 I blogged about the fact that UK telecoms giant BT was buying in components for its £10 billion network from the Chinese telecoms supplier Huawei. This article came in part from a leaked memo demonstrating concerns in Whitehall at the time that … Read More…

Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity?
Concerning Stuxnet’s latest rise in China, David Harley … Read More…

I’m not always in alignment with Jeffrey Carr’s point of view but in this he is spot on. Succinct and to the point, Jeffrey Carr addresses cybercrime, cyberwarfare rules of engagement and forecasts the United States’ rapid decline:

Should these trends continue unabated, we will have no one to blame but ourselves as the economical and … Read More…

UPDATE: Kurt Wismer has just reminded me of a very apposite blog he posted in 2007: http://anti-virus-rants.blogspot.com/search/label/single%20sign-on.]
A little more information further to my earlier blog. The H (Heise) gives us a number of links to its earlier stories about the Google compromise and tells us that Google have declined to comment on the New York … Read More…

Spoof or SPOF?
IT Security reportage veteran John Markoff reports in the New York Times that the attack on Google's intellectual property reported in January was even more interesting (and disquieting) than most of us realized. According to an unnamed source, some of the information stolen related to the company's password system, Gaia.
Gaia is a single sign-on … Read More…

It has been a year since we last discussed fraudulent domain name registrar scams and we wanted to let people know that this scam continues unabated.
In a nutshell, a message is sent to a publicly-visible email address listed on your website (sales, support, the CEO's office, a public relations contact, et cetera) from a Chinese … Read More…

Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows?
Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary… A little too scary and not enough detail to convince some commentators, … Read More…