ESET Threat Blog

 In a recent blog I linked to my recent EICAR paper on AMTSO, but I also referred to an upcoming AMTSO workshop (last week in Munich, which explains the entirely gratuitous photograph taken at the Weihenstephan brewery) in which I anticipated a great deal of discussion about future directions.
Having returned a few days ago from … Read More…

Back in 2008, EICAR rejected a paper proposed by Andrew Lee and myself discussing the state of anti-malware testing and how it might be improved, on the grounds that it was “advertising” the fledgling AMTSO (Anti-Malware Testing Standards Organization) initiative. You can decide for yourselves whether that criticism was justified: the same paper was accepted … Read More…

In a recent blog on whether security professionals really don't use anti-virus (sorry, but quite a few of us do!) I mentioned a paper by myself and Julio Canto on the use and misuse of multi-scanner sites like VirusTotal.  Especially the (Virus-)totally inappropriate use of VT reports as some sort of substitute for real comparative testing.
I … Read More…

The slides from an AMTSO-oriented presentation by Larry Bridwell and myself at this year's Virus Bulletin conference, on "'Daze of whine and neuroses (but testing is FINE)" are now available on the Virus Bulletin site are now available here (along with some other excellent presentations).
The paper on which the presentation is based is on the ESET white papers page, … Read More…

With the publication last year of Aryeh Goretsky's paper “Twenty years before the mouse,” a personal perspective on  the history of viruses and malware so far, I took the opportunity to try something a little different for this blog by announcing it here in an article in an interview format.  
Since people seemed to like it, we … Read More…

I may have mentioned from time to time that ESET is a strong supporter of AMTSO (the Anti-Malware Testing Standards Organization), an international organization that promotes improved methodologies for testing security products.
Last week we held an AMTSO workshop in Prague. While there was some hard discussion around some topics that I'll come back to in … Read More…

EICAR (formerly known as the European Institute for Computer Anti-virus Research, though that title hasn't been used for a good while) is best known for its yearly conference and for the EICAR test file, which can be used as an installation check with most anti-virus programs to check that it's installed and active.
Sadly, I've been … Read More…

Congratulations to our friends at Virus Bulletin for yet another great conference (the 20th) in Vancouver this week. Congratulations also to our own Pierre-Marc Bureau, voted the best newcomer to the AV business at the conference.
By kind permission of Virus Bulletin, we've already put two of the papers written or co-authored by ESET researchers up … Read More…

[This is a joint statement made by a number of anti-malware researchers from a number of security companies, and has been more or less simultaneously published on several vendor sites.]
AMTSO (the Anti-Malware Testing Standards Organization) is a coalition of security professionals, including many antivirus product vendors, product testing organizations and publishers, and some interested individuals.
Given … Read More…

Further to my "top ten of top tens" post, I was encouraged by some queries to revisit the “Top Ten Mistakes Made When Evaluating Anti-Malware Software” list quoted by Kevin Townsend here.
As it was an AMTSO issue and most of the queries have related to an AMTSO blog post, I've returned to it (and slightly … Read More…