ESET Threat Blog

[Updated. Twice. ]
'Tis the season to get ready for the autumn round of security conferences. For me, it starts at the beginning of September with a small but perfectly formed Forensics conference at Canterbury Christ Church University, in the UK, where I'll be presenting on "Man, Myth, Malware and Multiscanning" – a presentation I'm … Read More…

It occurs to me that I haven't recently posted any pointers to our content on SC Magazine's Cybercrime Corner, and now might be a good time to recap on what Randy and I have been posting there this month (so far…)
Babushka* dollars
David Harley, May 19, 2011
It's not surprising, given how much cybercrime originates in Eastern … Read More…

It's been a busy few weeks. Last week I was in Krems, Austria for the EICAR conference. The week before, I was in Prague for the CARO workshop (where my colleagues Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov did a great presentation on "Cybercrime in Russia: Trends and issues" – more information on that shortly), … Read More…

Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.)
To conform with EICAR's usual … Read More…

That Magic Lantern thing just keeps raising its head (and an ugly little head it is too, poor thing…) Earlier this week I was in Krems, Austria, for the EICAR conference,and the story was alluded to in a paper by Eric Filiol and Alan Zaccardelle called “Magic Lantern… Reloaded/Anti-Viral psychosis McAfee Case," though it was kind … Read More…

The March Threatsense report at http://www.eset.com/us/resources/threat-trends/Global_Threat_Trends_March_2011.pdf includes, apart from the Top Ten threats:

a feature article on Japanese-disaster-related scamming by Urban Schrott and myself
news of the Infosec Europe expo in London on the 19th-21st April, the AMTSO and CARO workshops in Prague in May, and the EICAR Conference in Austria that follows
the story of a fake AV … Read More…

EICAR (formerly known as the European Institute for Computer Anti-virus Research, though that title hasn't been used for a good while) is best known for its yearly conference and for the EICAR test file, which can be used as an installation check with most anti-virus programs to check that it's installed and active.
Sadly, I've been … Read More…

Here are a few papers and articles that have become available in the last week or two.
Shortcuts to Insecurity: .LNK Exploits is an article for Security Week (http://www.securityweek.com) on the .LNK vulnerability classified as CVE-2010-2568 and exploited by Win32/Stuxnet.
Stuxnet is not the only malware that exploits this vulnerability, of course, and the September issue of … Read More…

I returned yesterday from Paris, where I attended the iAWACS and EICAR conferences. One of the papers I co-presented at EICAR was on performance testing (as opposed to detection testing). It was written by Ján Vrabec and myself, and it's called "Real Performance?" Here's the abstract:
The methodology and categories used in performance testing of anti-malware … Read More…

 
Some of us are currently busily preparing for the AMTSO workshop in Helsinki on the 24th and 25th May 2010, just before the CARO workshop on 26th and 27th May (for which registration closes on 12th May).
Before the Helsinki events, though, the EICAR conference in Paris includes some interesting testing-related material before and during the main conference.
Among the presenters … Read More…