ESET Threat Blog

Our white paper on Potentially Unwanted Applications (PUAs) has been revised with additional information, including information about how legitimate software can become classified as a PUA due to its misuse, a discussion of a type of downloader called a software wrapper and updated screen shots. It can be found in the White Papers section  Problematic, … Read More…

Back in 2008 ESET's global research teams put together some suggestions for "a top ten of things that people can do to protect themselves against malicious activity." That series of blogs was subsequently expanded into a paper called "Ten Ways to Dodge CyberBullets", addressing the question "what are the top 10 things that people can … Read More…

The slides from an AMTSO-oriented presentation by Larry Bridwell and myself at this year's Virus Bulletin conference, on "'Daze of whine and neuroses (but testing is FINE)" are now available on the Virus Bulletin site are now available here (along with some other excellent presentations).
The paper on which the presentation is based is on the ESET white papers page, … Read More…

ESET researchers Aleksandr Matrosov and Eugene Rodionov just gave a talk on Defeating x64: Modern Trends of Kernel-Mode Rootkits at the seventh Ekoparty security conference, which took place at its traditional location of Buenos Aires, Argentina between the 21st and 23rd of September.
The presentation described new trends in bootkit/rootkit development for x64 Microsoft Windows operating … Read More…

The United States Attorney Office for the Southern District of New York received a flurry of attention in April, 2011 when they unsealed an indictment against the three largest Internet poker companies in the United States—Absolute Poker, Full Tilt Poker and PokerStars—for fraud, gambling and money laundering.  Today, the USAO upped the ante with an … Read More…

With the publication last year of Aryeh Goretsky's paper “Twenty years before the mouse,” a personal perspective on  the history of viruses and malware so far, I took the opportunity to try something a little different for this blog by announcing it here in an article in an interview format.  
Since people seemed to like it, we … Read More…

Earlier this year I delivered a presentation at Infosec Europe on SCADA issues, a topic that's come up a lot in my articles here.
There isn't a paper to go with that presentation, but the barebones slide deck on the ESET white papers page has now been replaced with a version – Infrastructure Attacks: The Next … Read More…

Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.)
To conform with EICAR's usual … Read More…

I just saw an article by Mathew Schwartz for Information Week focused on a series of articles by Aleksandr Matrosov, Eugene Rodionov and myself for Infosec Institute.
The articles are actually based on previous analyses of TDL3 and TDL4 by Aleksandr and Eugene, but even if you've seen those, you might find the aggregation of older and … Read More…

First of all, the guys at ESET North America have just added a paper to the ESET white papers page at http://www.eset.com/us/documentation/white-papers:
Hanging on the Telephone
By David Harley, Urban Schrott and Jan Zeleznak, February 2011
As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you … Read More…