There is some pretty interesting content in ESET's Threat Report for July:
Urban Schrott talks about ESET Ireland's recent research into the ways in which people can recklessly aid and abet malware in compromising their own systems, by ignoring or bypassing AV protection.
David Harley (oh, that would be me…) summarizes some of the recent research coming …
I've been seeing a lot of wordage today about Dmitry Alperovitch's Shady Rat report, ranging from "Wow! Who knew?!" to "Nothing new here." Or, as Paul Wagenseil puts it, Don’t Believe the Hype: 'Operation Shady RAT' Is Nothing New. Well, "hype" is way too strong. There's some interesting stuff in the report. However, it's not startlingly …
A week or so ago we promised you a full paper expanding on our Hodprot is a Hotshot blog. That paper is now up on the white papers page at http://www.eset.com/us/documentation/white-papers.
Title: Hodprot: Hot to Bot
By: Eugene Rodionov, Aleksandr Matrosov, and Dmitry Volkov, August 2011
Abstract: A comprehensive analysis of Win32/Hodprot, one of the families of malware …
I get a lot of press enquiries currently about hacktivism, usually in the context of certain groups who have had more than enough publicity already. While discussing some related issues with my colleagues at ESET UK, it occurred to me that what we're lacking here is a clear differentiation between types of "hacktivist" or, indeed, "activist": much …
I just came across a post from The H telling us that US government warns of potential Stuxnet variants. Of course, concern about the availability and possible portability of the code is hardly a new concern, but it turns out the article refers to a "Statement for the Record" to the (deep breath) United States House …
You might think it strange, but the creation of viruses and malware isn't illegal in most jurisdictions. Most virus-writers have been prosecuted on secondary grounds such as unauthorized access or modification, malicious damage and so on. More recent malware authors, botmasters and such may also fall foul of similar issues, or other criminal activities such as fraud or …
Yeah, yeah, yet another coldcall scam post, but featuring a ploy I haven't come across before, intended to convince you that the scammer really knows something about your system, so that you're likelier to fall for the scam.
Rebecca Herold reports for InfosecIsland that she was contacted by one of those helpful "support desk" people who …
A little while ago, one of my Facebook friends mentioned that his Google+ account had been suspended because his name breached community standards. Probably, I suggested, because his name was the same as a character in a Star Trek movie, and it was flagged as pseudonymous.
Looks as if I was probably correct. Or someone over …
[In their presentation “Cybercrime in Russia: Trends and issues” at CARO2011 -- one of the best presentations of the workshop, in my unbiased opinion -- Robert Lipovsky, Aleksandr Matrosov and Dmitry Volkov mentioned the Win32/Hodprot malware family, which seems to be undergoing something of a resurgence. But why don’t I let them tell you ...
My Russian colleagues Aleksandr Matrosov and Eugene Rodionov report that recently a cybercrime group called “Ready to Ride” has attracted their attention, by distributing malware of the Win32/Cycbot family. This group started in the fall last year, judging from the domain name registration date – readytoride.su was registered on 8th September 2010.
Its primary activities were …
