ESET Threat Blog

Andrew Lee just drew my attention to a poll carried out by an IT magazine in the UK, asking the question ‘Do you think it's necessary to use paid-for anti-virus software to effectively protect your PC?’ Clearly this is a question that a lot of people ask, but the answer is more complicated than you … Read More…

Even visiting security-oriented websites can sometimes be risky. If you’ve visited the security blog zerosecurity.org this month and you’re also a user of ESET’s security products, you might have encountered an anti-virus alert such as this one:

The detection names may vary. Different variants of the following “generic families” were detected on the compromised websites on different … Read More…

I have a theory that says improving information system security–the security of our operating systems, network connections, and applications–just means the bad guys will focus more attention on our endpoints, the digital devices we use to access the information and systems we need to do our work.
Furthermore, as we improve endpoint security technology, the people … Read More…

Just published in SC Magazine's Cybercrime Corner, expanding on a conversation I had recently with Kevin Townsend, is an article on "Great Expectations" that discusses WPS, "Whoops!!!," the Grim Reaver, and what you can expect from anti-virus. In terms of vulnerability detection, that is.
I'm tempted to say "what the Dickens!" but perhaps I won't in case … Read More…

In recent years there has been a tremendous increase in the Russian region in the number of sites redirecting users to the Black Hole exploit kit. In most cases, successful exploitation of a vulnerability in client software leads to the installation onto the victim’s machine of either the trojan Win32/TrojanDownloader.Carberp or of Win32/Carberp (the version … Read More…

Since yesterday’s Much Ado About Facebook post in the ESET Threat Blog, we have written additional articles, received a few comments, and also received updated information on the “threat,” so it seems that now is a good time for a follow-up article.  Reports continue to come in of pornographic and violent imagery on Facebook, and … Read More…

Amidst a lack of fanfare this past weekend on a mailing list, a memory exhaustion hack popped up for the Apache webserver that may result in a Denial-of-Service (DoS) style attack. Since the Apache application serves up north of 65% of the websites on the internet, a plausible attack becomes quite an issue, especially if … Read More…

Facebook recently launched a facial recognition feature that allows you and others to “tag” photos with your name. As has been the norm for Facebook, this “feature” is turned on by default and users must take their own initiative to limit, or turn it off. The implications are wide-ranging, so if you or anyone in … Read More…

I notice that among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet.
We will be updating our Stuxnet analysis shortly, but what's really notable about this bulletin for me is the fact that it draws on cooperation between Microsoft, itself an AV vendor, … Read More…

Really – should any Alpha version be fed through a chipper-shredder like Diaspora has? The basics are simple:

The basic premise behind Diaspora is that it will allow users to have social networking functionality similar to that offered by Facebook, but with far greater control over personal data.
Diaspora was born earlier this year largely in response … Read More…