ESET Threat Blog

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet.  The accuracy of those figures may be questionable, but … Read More…

It has been 1,000 days since the Conficker worm first appeared on November 21, 2008.  For the first two months after its initial appearance we received a trickle of reports through our ThreatSense.NET telemetry system.  By January of 2009 that had become a flood, and then a deluge, as this “super worm” rose to meteoric … Read More…

I guess someone in the general area of Kolkata reads my blog posts. At any rate, after I posted a blog yesterday bemoaning the fact that I had to do my own systems support, I got a phone call from a gentleman with a pronounced accent wanting to help me with my virus problem.
It's Raining … Read More…

I should probably have mentioned this before, but it's only just hit my radar.
ESET's October ThreatSense report is available on the Threat Center page as Global Threats Trends for October 2010. Naturally, it includes the usual information about the top ten global threats reported by ThreatSense.Net telemetry in October, which are:
 

INF/Autorun
Win32/Conficker
Win32/PSW.OnLineGames
Win32/Sality
INF/Conficker
Win32/Tifaut.C
HTML/ScrInject.B
Win32/Bflient.K
JS/TrojanClicker.Agent.NAZ
Win32/Spy.Ursnif.A

It also includes articles on:

Feature Article by … Read More…

This time last year I was on my way to Cambridge to deliver a presentation, having stayed up till the early hours of the morning to post a blog reporting that Conficker, although it had changed its behaviour, as we already knew it would, had not initiated the heat death of the Internet. 
What's really depressing, … Read More…

Two new white papers have been posted on the white papers page at http://www.eset.com/download/whitepapers.php.
(1) "Ten Ways to Dodge CyberBullets" by David Harley
Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made by celebrities, the 10 worst-dressed French poodles, the 10 most embarrassing political speeches and so on. … Read More…

Urban Schrott, IT Security & Cybercrime Analyst at ESET Ireland, reports seeing more e-mail pretending to be from Microsoft is circulating, "warning" computer users that "Conflicker" is again spreading rapidly.
ESET's ThreatSense engine identifies the malware as Win32/Kryptik.CLU trojan, and running it would result in further malware infections.
Here's an example Urban quotes of one of the … Read More…

I've read with interest the recent developments regarding the "Aurora" exploit code. As you are probably aware this code exploits a vulnerability in Microsoft's Internet Explorer. Microsoft recently released an out-of-band patch to close off this vulnerability. Very soon after, we are seeing reports that the first widespread attacks that attempt to exploit this vulnerability … Read More…

As our December ThreatSense report (now available at http://www.eset.com/threat-center/threat_trends/Global_Threat_Trends_December_2009.pdf) was not only the last of the year but the last of the decade, it's rather longer and more detailed than usual, including a look back at the last 12 months. I suppose we could have gone back over the whole decade, but I have to … Read More…

[Part 2 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.]
Catch the Patch Batch
Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product update sections … Read More…