ESET Threat Blog

[This is a free translation of a blog by my colleague at ESET Latin America, Sebastián Bortnik. As ever, mistakes in translation and interpretation are down to me. Would this be a bad time to mention the AVIEN Malware Defense Guide for the Enterprise? DH]
Considering security in the enterprise is no easy task: … Read More…

Update: It seems like the initial article is inaccurate and that Paul Rellis never made any such comments about a 14 year old breaking into the X-Box live servers and have not offered to mentor him http://kotaku.com/5805742/microsoft-is-helping-an-xbox-live-hacker-develop-his-talent
TekGoblin reports (http://www.tekgoblin.com/2011/05/27/14-year-old-call-of-duty-hacker-hired-by-microsoft/) that a teenager who broke into the Call of Duty Modern Warfare 2 gameservers last month, … Read More…

Greetings Dear Reader,
We have published guidance material previously on passwords and passphrases, some are blogs and some are lengthier depending on your liking (link & link).  Even still it is always good practice to reinforce sensible password techniques.  For this blog, I plan on sharing an analogous self-ritual, and one that relies on a third … Read More…

On Thursday I will be participating in a cloud computing security discussion. The virtual event is free and you can register for it at http://techweb.com/iwkcloud. The entire agenda for the event can be found at https://www.techwebonlineevents.com/ars/eventregistration.do?mode=eventreg&F=1002827&K=MAA9&tab=agenda.
Do note that the times listed are EST. I will be participating between 2:45 and 3:30 PM EST.
Even if you … Read More…

This short video blog explains a bit about typo squatting. For our readers who are not native English speakers, typo means typographical error, or in plain English, it means you typed the wrong letters in. Some websites buy domains with similar names so that you will still get where you want to go if you … Read More…

It is generally well-understood that antimalware programs—the software which detects computer viruses, worms, trojan horses and other threats to your system—work by scanning files using signatures they already have. A signature could be as simple as a string[i] (like using the "find" command in your word processor to locate a particular piece of text) or as … Read More…

Here in the Cyber Threat Analysis Center we’re starting to add video blogs. If the threat information I share doesn’t scare you, maybe my picture will
This short video blog is about drive-by downloads. This is aimed at helping people who are not technical to understand the nature of the threat. Drive-by downloads are … Read More…

In response to my recent cookie theft blog a reader asked the following questions:
What is VPN, what is SSL and what is the significance of https?
What precautions can we take if we need to do Internet banking from a public computer, Internet café for example?
VPN, SSL and https are all about encryption. Encryption is what … Read More…

It was a tough choice to choose a title for this post. I also considered “It ain’t necessarily so” for a title.
This blog is aimed at our less technical users, but perhaps more technical users will find it useful as a teaching aid as well. Today I am going to teach you how to write … Read More…

A day or two ago I put up a blog pointing to a number of resources relating to social media and privacy, primarily Facebook (and to a lesser extent Twitter).
One of the articles I mentioned there was Kevin Townsend's   Talking privacy and Facebook with Alexander Hanff. Hanff is Head of Ethical Networks at Privacy International, and his thoughts … Read More…