By David Harley, February 2013
Welcome to the Web 2.0 incarnation of the Misinformation Superhighway. Did you really think that hoaxing had died out?
By Robert Lipovsky, January 2013
The ‘PokerAgent’ botnet, which we have tracked in 2012, was designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats, presumably with the intention to mug the victims. The threat was mostly active in Israel.
By ESET Latin America’s Lab, December 2012
ESET Latin America's Malware Analysis Lab reviews the year and compiles threat trends for the upcoming season. So how will the 2013 threatscape look like according to the IT security company ESET? It will definitely see major growth of mobile malware and its variants, increased malware propagation via websites, continuing rise of botnets and attacks on the cloud resulting in information leaks.
ByAndré Goujon and Pablo Ramos, November 2012
Analysis of an SMS Trojan found on Android smartphones that is capable of executing SMS premium rate scams in a wide range of countries. ESET researchers in Latin America combine code inspection with investigation of consumer forums to reveal the first threat of the kind targeting Latin American countries, but with implications that are global.
By David Harley and Urban Schrott, October 2012
Phishing scams old and new, and some ways to recognize the baited hook before you bite off more than you can chew.
By Aryeh Goretsky, October 2012
An analysis of the newest and most interesting security features in Windows 8, Microsoft's newest desktop operating system, as well as how it may be attacked in the future.
By Marc-Etienne Leveille , September 2012
The first malware to infect hundreds of thousands of Apple Mac
By Robert Lipovsky and Righard Zwienenberg, June 2012
10000‘s of AutoCAD Designs Leaked in Suspected Industrial Espionage.
By ESET Latin America, January 2012
ESET Latin America's Malware Analysis Lab looks at the implications of changes in the threat landscape, focusing in particular on anticipated developments in mobile threats.
By David Harley, December 2011
An updated version of the paper "Ten Ways to Dodge CyberBullets", addressing the question "what are the top 10 things that people can do to protect themselves against malicious activity?"
By Aryeh Goretsky, November 2011
What is a potentially unwanted application (PUA)? This paper gives some examples of "potentially unwanted" and "potentially unsafe" applications, explaining how they differ from out-and-out malware.
By Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and David Harley, December 2011
This paper consolidates information published By ESET and Group-IB researchers on Russian malware that attacks Russian RBS (Remote Banking Systems) transactions: now updated to version 1.1 to include additional material.
By Aryeh Goretsky, August 2011
If you know you need to back up your data but you're not sure how to do it, here's a practical guide on how to get started.
By Eugene Rodionov, Aleksandr Matrosov, and Dmitry Volkov, August 2011
A comprehensive analysis of Win32/Hodprot, one of the families of malware most used in banking fraud in Russia and its neighbours.
By Eugene Rodionov and Aleksandr Matrosov, June 2011
A comprehensive analysis of the TDSS/Olmarik/Alureon family, which has learned some radical new tricks. Updated to include information on a new plugin making radical changes to Olmarik's botnet.
By David Harley, Urban Schrott and Jan Zeleznak, February 2011
As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you pdf about support scams.
By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, January 2011
Version 1.31 of a comprehensive analysis of the Stuxnet phenomenon, updated to add pointers to additional resources. This is probably the last update of the document, but further relevant resources will be added to a list here.
By ESET Latin America, November 2010
Researchers from ESET's Laboratories in Latin America summarize the main trends anticipated for 2011 in malicious programs and antivirus security.
By Aryeh Goretsky, June 2010
Written in the form of a personal retrospective, this paper compares the earliest days of PC computer viruses with today’s threats, as well as provides a glimpse into the origins of the computer anti-virus industry.
By Cristian Borghello, translated By Chris Mandarano, added April 2010
A discussion of some of the ways in which attackers use psychological manipulation to trick their victims.
By David Harley, added April 2010
Some ways of avoiding easily guessable passwords.
By David Harley, February 2010
Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made By celebrities, the 10 worstdressed French poodles, the 10 most embarrassing political speeches and so on. We revisited some of the ideas that our Research team at ESET North America came up with at the end of 2008 for a "top 10 things that people can do to protect themselves against malicious activity."
By Sebastián Bortnik, February 2010
This is a translation for ESET LLC of a document previously available in Spanish By ESET Latin America Click here.
By David Harley, January 2010
This paper is a bit different from other papers you'll find on the ESET white papers page. Following is a mock interview between Dan Damon, of BBC radio and David Harley discussing the complications of a digital world when someone passes away.
The Research teams in ESET Latin America and ESET North America put their heads together in December 2009 to discuss the likely shape of things to come in the next 12 months in security and cybercrime.
By David Harley, September 2009
On the Information Superhighway, the traffic signals are always at amber. Here are some suggestions for reducing the risk from collisions and carjacks. Part One of a series of short papers.
By David Harley and Randy Abrams, August 2009
Everyone knows that passwords are important, but what is a good password and how do you keep it safe?
By David Harley, August 2009
Americans are often expected to share their SSNs inappropriately: what are the security implications, and how serious are they?
By Cristian Borghello, August 2009
Describes in detail how criminals make money out of stealing online gaming credentials and assets.
By Jeff Debrosse
Cybersecurity is about protecting information and its related resources. This paper examines the different threats we face from cybercrime (the threatscape), real-world statistics to explain the scope and reach of cybercrime, and consumer and business best-practices — to protect both critical and non-critical information.
By Cristian Borghello, March 2009
Understanding and avoiding fake anti-malware programs that offer "protection" from malware that doesn't really exist.
By David Harley, May 2008
An ongoing series of papers that describe some of the commonly-found lies and half-truths that continue to circulate on the Internet, and discuss some ways of identifying them.
By David Harley and Andrew Lee, February 2008
Describes the botnet phenomenon in detail: its origins and history, current trends, and what you need to do about it.
By David Harley and Andrew Lee, November 2007
A detailed overview of spam, scams and related nuisances, and some of the ways of dealing with them.
By ESET Research Department, February 2009
A detailed overview of ESET's flagship security package by the team that brings you the ESET series of product-independent threat analyses.
By David Harley and Andrew Lee, July 2007
Understand and avoid the attentions of phishers and other Internet scammers.
By David Harley and Andrew Lee, March 2007
A detailed analysis of the differences between traditional threat-specific detection and proactive detection by generic detection and behavior analysis.
By David Harley and Andrew Lee, September 2006
This paper describes and de-mythologizes the rootkit problem, a serious but manageable threat.
By Pierre-Marc Bureau, David Harley, Andrew Lee, and Cristian Borghello, February 2009
The Storm botnet may have blown itself out, but its legacy remains. This paper places Storm in the context of botnets in general, examining its technical, social, and security implications.
By Frost & Sullivan Global, 2011
By Andrew J. Hanson, Brian E. Burke and Gerry Pintal
IDC # 216642
Beyond Signature-Based Antivirus: New Threat Vectors Drive Need for Proactive Antimalware Protection
By Brian E. Burke
Adapted from Worldwide Antivirus 2006-2010 Forecast Update and 2005 Vendor Analysis. IDC #204715
By Frost & Sullivan
*Copyright is held by Virus Bulletin Ltd, but is made available on this site for personal use free of charge by permission of Virus Bulletin.