ESET Threat Blog

by David Harley Senior Research Fellow
August 16, 2011 at 10:49 am

With the publication last year of Aryeh Goretsky's paper “Twenty years before the mouse,” a personal perspective on the history of viruses and malware so far, I took the opportunity to try something a little different for this blog by announcing it here in an article in an interview format.
Since people seemed to like it, we … Read More…

Comments
0

by Aryeh Goretsky Distinguished Researcher
July 28, 2011 at 11:19 am

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer … Read More…

Comments
3

by David Harley Senior Research Fellow
July 4, 2011 at 1:12 am

[Update: the Washington Post article to which "A Dude" refers in his comment is here.]
Back in 2009 I blogged about the fact that UK telecoms giant BT was buying in components for its £10 billion network from the Chinese telecoms supplier Huawei. This article came in part from a leaked memo demonstrating concerns in Whitehall at the time that … Read More…

Comments
6

by Aryeh Goretsky Distinguished Researcher
December 12, 2011 at 12:36 pm

The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth. As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates … Read More…

Comments
2

by Aryeh Goretsky Distinguished Researcher
May 4, 2011 at 1:37 am

[NOTE: As we were publishing this article, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook. Click here to view their article in Spanish. We will follow up on this shortly. AG]
The malware phenomenon started by the announcement of Osama Bin Laden’s death continues unabated, … Read More…

Comments
0

by Aryeh Goretsky Distinguished Researcher
April 15, 2011 at 10:06 am

The US Department of Justice's announcement yesterday of the takedown of the command and control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.
This particular botnet, about … Read More…

Comments
0

by Aryeh Goretsky Distinguished Researcher
April 13, 2011 at 4:46 pm

As David Harley blogged earlier, the Comptroller of Public Accounts office for the state of Texas yesterday began notifying state employees that the names, addresses, social security numbers and other records of some 3.5 million current or former state employees had been accessible via the Internet. 
Unlike the earlier Epsilon Data Management data breach, it seems no … Read More…

Comments
0

by David Harley Senior Research Fellow
March 17, 2011 at 3:54 pm

[Update: more information from ESET on this malware here.]
Last October, my colleague Tasneem Patanwala blogged about rogue antivirus masquerading as an ESET product. In that instance it was a product calling itself Smart Security, and Tasneem's blog includes lots of useful information about that particular malware, and fake AV in general.
Looking through my huge backlog … Read More…

Comments
8

by David Harley Senior Research Fellow
March 8, 2011 at 10:19 am

It is, as Aryeh Goretsky remarked to me recently in a slightly different context, almost like Old Home Week. He was referring to recent work by a number of luminaries formerly prominent in antivirus research like Eugene Spafford, Ken van Wyk, and even Fred Cohen.
But today I'm waxing nostalgic about a piece of malware. Not one of … Read More…

Comments
1

by Aryeh Goretsky Distinguished Researcher
February 8, 2011 at 11:18 am

 
UPDATE #1 Randy Abrams has posted a follow-up article, Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update with additional information about how update services work, why they might distribute third-party code and what might be done to prevent malware from being distributed on services like Microsoft's Windows Update in the future.  7-FEB-2011.
 
Last week, we received … Read More…

Comments
0
