ESET Threat Blog

by David Harley Senior Research Fellow
April 22, 2010 at 2:40 am

ESET is not going to try to capitalize on McAfee's unfortunate false positive problem (and nor, I'm sure, is any other reputable vendor). Such problems can arise for any AV vendor: it's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections (someone please … Read More…

by David Harley Senior Research Fellow
April 13, 2010 at 1:06 am

Thanks to Marcin Gajewski for pointing out that Lech Kaczynski was the President of Poland, not the Prime Minister. I really shouldn't try to blog after a full day's travelling.
While I was enjoying a rare few days off, my colleagues at ESET Latin America were posting a blog article about the ugly way in … Read More…

by David Harley Senior Research Fellow
April 7, 2010 at 10:05 am

ESET Latin America has confirmed that the Koobface variants they're looking at download rogue security software and other trojans from active URLs.
They include:
Win32/TrojanProxy.Small.NEB trojan
Win32/PSW.Delf.NSE trojan
Win32/Qhost.NTN trojan
Win32/Agent.QWU trojan
a variant of Win32/Koobface.NCI worm
a variant of Win32/Koobface.NCP worm
Win32/Adware.Antivirus2009.AA
David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on … Read More…

by David Harley Senior Research Fellow
April 7, 2010 at 12:12 pm

Our colleagues in ESET Latin-America have reported that a huge new malware distribution campaign is being carried out through the popular social network Facebook. In this instance, it is our old friend the Koobface worm that is being propagated. (For more about Koobface see Randy's post here, and for more about this particular iteration, see … Read More…

by David Harley Senior Research Fellow
April 1, 2010 at 7:05 am

A press query was passed to me concerning our blogs about the Russian bombings and the fact that criminals are making use of the topic to spread malware using blackhat SEO (Search Engine Optimization) and abuse of the Twitter service.
See "Russian Metro Bombings: here come the ghouls" and "Here come (more of) the ghouls" for more information … Read More…

by David Harley Senior Research Fellow
March 31, 2010 at 3:11 am

[Update: it's likely that the attacks described below will also take advantage of the more recent bombings in Dagestan, as described by the BBC here. Isn't it bad enough that horrors like this take place at all, let alone provide revenue for cybercriminals?]
Late last night (30th March) I added a pointer to my earlier blog … Read More…

by David Harley Senior Research Fellow
March 28, 2010 at 8:50 am

Looking into their crystal balls (no jokes, please) at the end of 2009, our colleagues in Latin America came up with a prophecy that was later incorporated into a white paper (2010: Cybercrime Coming of Age):
In June 2010, one of the most popular regular sports events, the soccer World Cup, will take place in South … Read More…

by David Harley Senior Research Fellow
February 21, 2010 at 10:24 am

Two new white papers have been posted on the white papers page at http://www.eset.com/download/whitepapers.php.
(1) "Ten Ways to Dodge CyberBullets" by David Harley
Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made by celebrities, the 10 worst-dressed French poodles, the 10 most embarrassing political speeches and so on. … Read More…

by David Harley Senior Research Fellow
February 2, 2010 at 9:54 am

Two new papers have gone up on the ESET White Papers page at http://www.eset.com/download/whitepapers.php. (Strictly speaking, they're not altogether new: they include some material that has previously been blogged here.)
The Internet Book of the Dead is a bit different from other papers you’ll find on the ESET white papers page. (Technically, it’s not actually an … Read More…

by David Harley Senior Research Fellow
December 12, 2011 at 1:46 pm

Update: more resources I picked up on a security list just now (I'm drowning in email here!). Apologies for any duplication.
Update 2: more additions below.
@imaguid pointed out in a microblog that there's a pattern to the use of social engineering around disasters like the Haiti earthquake: "first comes the tragedy, then malware purveyors exploiting the tragedy as … Read More…
