ESET Threat Blog

The March Threatsense report at http://www.eset.com/us/resources/threat-trends/Global_Threat_Trends_March_2011.pdf includes, apart from the Top Ten threats:

a feature article on Japanese-disaster-related scamming by Urban Schrott and myself
news of the Infosec Europe expo in London on the 19th-21st April, the AMTSO and CARO workshops in Prague in May, and the EICAR Conference in Austria that follows
the story of a fake AV … Read More…

You may not be aware that ESET writers have been supplying blogs to SC Magazine for a while now. Recently, Randy Abrams and I were drafted in after the original contributors moved on, and we started contributing this week:

Poachers and Gamekeepers considers whether there is a conflict of interest when AV companies work with companies … Read More…

We've already discussed a lo-tech but surprisingly effective attack on ATM users here and elsewhere.
However, Brian Krebs has recently posted on more conventional skimming attacks: Green Skimmers Skimming Green. An interesting and useful comment thread too. However, in view of the mentions there of chip and pin technology, it's worth pointing out that while chip … Read More…

[Update: Oops! Nearly forgot Richi Jennings, who was well ahead of the curve on this.]
…no, not the ESET android graphic…
A couple of days ago I had an interesting conversation with the estimable Steve Gold, Technology Editor at Infosecurity Magazine. Much of the conversation was around Stuxnet and a presentation I'm doing next month at Infosecurity Europe, … Read More…

As I've already posted elsewhere, there are reports of scammers spamming out solicitations for contributions to fake disaster relief funds, in the wake of the recent earthquake in New Zealand (not to mention the one that preceded it).
CAUCE has put up a short list of organizations providing aid known to be genuine, complete with the necessary banking details. … Read More…

Before I started today's flurry of blogs, I was uncharacteristically quiet: first I was at  an AMTSO event in San Mateo, then at RSA in San Francisco, and then in darkest Shropshire for reasons that won't interest you in the least.
I was planning to put up some news about the AMTSO workshop by now, but in … Read More…

 
Just a quick follow up on the Microsoft Security Advisory (2501696) post that my colleague Randy Abrams wrote about on January 28th regarding Microsoft's recent MHTML vulnerability, which is listed by ESET as HTML/Exploit.CVE-2011-0096.A in our signature database.
 
Although reports remain low so far, any vulnerability in a particular version of Microsoft Windows is likely to … Read More…

Our interim analysis of a version of the malware we detect as Java/Boonana.A or Win32/Boonana.A (depending on the particular component of this multi-binary attack) differs in some characteristics from other reports we've seen.
The most dramatic difference is in the social engineering hook used in messages sent to an infected user's friends list. Other reports (including … Read More…

The Stuxnet analysis “Stuxnet under the Microscope” we published a few weeks ago has been updated, as promised, to include some information about the recently-patched win32k.sys vulnerability (MS10-073, or CVE-2010-2743), and just a little about the Task Scheduler issue that hasn't been patched yet.
Randy Abrams has filled a hole in Babelfish's functionality by blogging his … Read More…

Randy wrote a little while ago in a blog called You’re So Vain… (now that takes me back…) about a new ESET-commissioned survey by CERC about social networking.
Along somewhat similar but rather more minimal lines, you might find the results of a 60-second survey carried out by HealthGuard of interest. The survey asked just two questions:

Does your organization have … Read More…