ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference.
On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish the …
Win32/Olmarik (also known as TDSS, TDL, Alureon and sundry less complimentary names) has gone through some interesting evolutions in the last couple of years.
TDL4 is no exception, with its ability to load its kernel-mode driver on systems with an enforced kernel-mode code signing policy (64-bit versions of Microsoft Windows Vista and 7) and perform kernel-mode …
One that will be of most interest to our readers in the UK, I guess.
Our friends at Virus Bulletin are holding another "Securing Your Organization in the Age of Cybercrime" seminar, this time on the Open University Campus at Milton Keynes on the 24th May. The full agenda is already available on that page, and includes …
My friend and former colleague Craig Johnston has just had an article published in the January 2011 edition of Virus Bulletin in which he describes conversations he's had recently with "support technicians" who cold-called him at home, offering him "help" with virus problems.
While this is ground we've been covering in this blog since around the …
Further to my earlier blog about Stuxnet resources, version 1.31 of "Stuxnet Under the Microscope" is now available on the white papers page. It's been updated to add pointers to additional resources, and this is probably the last update of the document. However, any further relevant resources will be added to a list here.
Aleksandr Matrosov …
Our own Pierre-Marc Bureau was heavily quoted in an article by Tom Simonite on the use by the École Polytechnique de Montreal (in collaboration with researchers from Nancy University, France, and Carleton University, Canada) of a cluster of servers for an experiment with a live botnet.
The article refers to a recent paper on "The case …
A couple of years ago, I underwent radical surgery. (Bear with me, even if you've heard the story before: there's a lot more to this issue than the rearrangement of some of my internal organs…)
Outside the operating theatre, as I was awaiting the tender ministrations of the anaesthetist, the surgeon came by for a word …
This is a (slightly edited) extract from the November ThreatSense Report, included here as it makes a very serious point about social networking.
Andrew Lee conducted a fun but disquieting thought experiment in the course of an amusing and informative presentation on user education at the recent Virus Bulletin Seminar.
Most security researchers have an innate distrust of …
EICAR (formerly known as the European Institute for Computer Anti-virus Research, though that title hasn't been used for a good while) is best known for its yearly conference and for the EICAR test file, which can be used with most anti-virus programs to check that the program is installed and active.
Sadly, I've been …
In the months since Stuxnet first hit our radar, I’ve wiped a lot of brickdust off my forehead. Mostly as a result of banging my head against the wall in the hope of distraction from yet another infuriating, unsubstantiated speculation about who wrote it, what it was for, and who was the target, repeated as …

