May 1, 2012 - A few months ago I wrote a fairly short comment piece for Virus Bulletin on how some popular posts to Facebook that invite you to make use of your personal data might be useful to scammers and others as (continue reading...)
May 1, 2012 - Apologies if you're bored with my banging on about PC support scams, but it seems that there are plenty of people who aren't. At any rate, some of my previous blogs on the subject have attracted more comments than (continue reading...)
April 18, 2012 - A while ago, I responded to a blog comment promising some thoughts on how to recognize a cold-calling PC support scam. Unfortunately, I wasn't able to do that immediately, and then I was on vacation with no Internet connectivity (continue reading...)
April 16, 2012 - I’ve had a long if intermittent association with the Anti-Phishing Working Group, going back to the early noughties when I represented the UK’s National Health Service there (continue reading...)
April 5, 2012 - This week we have detected another interesting attack vector. This time cybercriminals are using an interesting technique for hiding malicious JavaScript and employing implicit iFrame injection. At this moment we are tracking hundreds of infected legitimate web sites in the (continue reading...)
April 5, 2012 - Andrew Lee just drew my attention to a poll carried out by an IT magazine in the UK, asking the question ‘Do you think it's necessary to use paid-for anti-virus software to effectively protect your PC?’ Clearly this (continue reading...)
April 2, 2012 - In a recent blog on whether security professionals really don't use anti-virus (sorry, but quite a few of us do!) I mentioned a paper by myself and Julio Canto on the use and misuse of multi-scanner sites like (continue reading...)
March 30, 2012 - This week Blackhole has been updated to version 1.2.3 and includes a new exploit for the Java CVE-2012-0507 vulnerability, which ESET calls Java/Exploit.CVE-2012-0507. Earlier this week information was published about the Blackhole update by French malware researcher (continue reading...)
March 27, 2012 - Even visiting security-oriented websites can sometimes be risky. If you’ve visited the security blog zerosecurity.org this month and you’re also a user of ESET’s security products, you might have encountered an anti-virus alert such as this one: (continue reading...)
March 20, 2012 - We've spent quite a lot of time on this blog in the last year or more discussing Win32/Carberp, which has also found its way into the occasional paper and presentation. So it gave us particular pleasure to see (continue reading...)
March 17, 2012 - Not long ago we received interesting information from an independent security researcher from Russia, Vladimir Kropotov. (We will be presenting our joint research with him at CARO 2012.) We started to research this information and found an interesting way to (continue reading...)
March 15, 2012 - There's a blog article I've been wanting to write for a few days, but haven't so far been able to make time for. However, Martijn Grooten drew my attention to a blog on much the same topic from our (continue reading...)
March 14, 2012 - Here's a quick summary of the PREFETCH and INF ploys I mentioned in a separate blog here. These are alternatives (or supplements) used by support scammers from India to the Event Viewer and ASSOC/CLSID ploys also used to "prove" to (continue reading...)
March 10, 2012 - Our colleagues at ESET UK drew my attention to another article on the resurrection of the Kelihos botnet (Win32/Kelihos). The article is based on the abuse.ch analysis of a particular sample. The analysis is interesting and (continue reading...)
March 5, 2012 - It was back in the 1990s when someone told me that operating systems like Windows NT were getting so safe that AV would soon be out of business. And I hear on a regular basis that AV is so ineffective (continue reading...)
February 24, 2012 - Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC (continue reading...)
February 22, 2012 - In the beginning of February we found a new modification of our “old friend” Win32/Rovnix (the dropper detected as Win32/Rovnix.B trojan), which is the first bootkit using VBR (Volume Boot Record) infection. An interesting fact is that Rovnix bootkit (continue reading...)
February 14, 2012 - Here are some further thoughts arising from the ACPO National Cyber Crime Conference held recently in the UK*. DAC Janet Williams, ACPO’s e-Crime lead, summarized the current initiatives (continue reading...)
February 13, 2012 - I spent a couple of days last week at the National Cyber Crime Conference in Sheffield*, UK. I was invited there to talk about those PC support (continue reading...)
February 6, 2012 - A few years ago, from time to time I used to visit the school where my wife taught IT, to talk to some of their students about IT security. In fact, we wrote a paper at that time (along with my (continue reading...)