Windows 8.1 Security—New and Improved

By Aryeh Goretsky, March 2014

The release of Windows 8.1 may have been more eagerly anticipated for the changes it makes to the Start Screen than for the security improvements it brings.


Why Last Year’s Security Strategy Can’t Protect You from Today’s Threats

By ESET Staff, Spring 2013

If you deployed your security solution even just last year, you may not be protected from some of today’s most common malware.


Six Months with Windows® 8

By Aryeh Goretsky, May 2013

A look at Windows 8 during the first six months of its release. Just how well is it holding up, security-wise? The challenges faced by developers in securing Modern Windows and how piracy in the Windows Store might affect BYOD rollouts in the enterprise.


Trends for 2012: Malware Goes Mobile

By ESET Latin America, January 2012

ESET Latin America's Malware Analysis Lab looks at the implications of changes in the threat landscape, focusing in particular on anticipated developments in mobile threats.


Ten Ways to Dodge CyberBullets: Reloaded

By David Harley, December 2011

An updated version of the paper "Ten Ways to Dodge CyberBullets", addressing the question "what are the top 10 things that people can do to protect themselves against malicious activity?"


Problematic, Unloved and Argumentative: What is a potentially unwanted application (PUA)?

By Aryeh Goretsky, November 2011

What is a potentially unwanted application (PUA)? This paper gives some examples of "potentially unwanted" and "potentially unsafe" applications, explaining how they differ from out-and-out malware.


Win32/Carberp: When You're in a Black Hole, Stop Digging

By Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and David Harley, December 2011

This paper consolidates information published by ESET and Group-IB researchers on Russian malware that attacks Russian RBS (Remote Banking Systems) transactions: now updated to version 1.1 to include additional material.


Options for backing up your computer

By Aryeh Goretsky, August 2011

If you know you need to back up your data but you're not sure how to do it, here's a practical guide on how to get started.


Hodprot: Hot to Bot

By Eugene Rodionov, Aleksandr Matrosov, and Dmitry Volkov, August 2011

A comprehensive analysis of Win32/Hodprot, one of the families of malware most used in banking fraud in Russia and its neighbours.


The Evolution of TDL: Conquering x64 (revision 1.1)

By Eugene Rodionov and Aleksandr Matrosov, June 2011

A comprehensive analysis of the TDSS/Olmarik/Alureon family, which has learned some radical new tricks. Updated to include information on a new plugin making radical changes to Olmarik's botnet.


Hanging on the Telephone

By David Harley, Urban Schrott and Jan Zeleznak, February 2011

As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you pdf about support scams.


Stuxnet Under the Microscope

By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, January 2011

Version 1.31 of a comprehensive analysis of the Stuxnet phenomenon, updated to add pointers to additional resources. This is probably the last update of the document, but further relevant resources will be added to a list here.


Trends for 2011 - Botnets and Dynamic Malware

By ESET Latin America, November 2010

Researchers from ESET's Laboratories in Latin America summarize the main trends anticipated for 2011 in malicious programs and antivirus security.


Twenty Years Before the Mouse

By Aryeh Goretsky, June 2010

Written in the form of a personal retrospective, this paper compares the earliest days of PC computer viruses with today’s threats, as well as provides a glimpse into the origins of the computer anti-virus industry.


A Tried and True Weapon: Social Engineering

By Cristian Borghello, translated by Chris Mandarano, added April 2010

A discussion of some of the ways in which attackers use psychological manipulation to trick their victims.


Choosing Your Password

By David Harley, added April 2010

Some ways of avoiding easily guessable passwords.


Ten Ways to Dodge CyberBullets

By David Harley, February 2010

Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made by celebrities, the 10 worstdressed French poodles, the 10 most embarrassing political speeches and so on. We revisited some of the ideas that our Research team at ESET North America came up with at the end of 2008 for a "top 10 things that people can do to protect themselves against malicious activity."


Conficker by the numbers

By Sebastián Bortnik, February 2010

This is a translation for ESET LLC of a document previously available in Spanish by ESET Latin America Click here.


The Internet Book of the Dead

By David Harley, January 2010

This paper is a bit different from other papers you'll find on the ESET white papers page. Following is a mock interview between Dan Damon, of BBC radio and David Harley discussing the complications of a digital world when someone passes away.


2010: Cybercrime Coming of Age

January 2010

The Research teams in ESET Latin America and ESET North America put their heads together in December 2009 to discuss the likely shape of things to come in the next 12 months in security and cybercrime.


Staying Safe on the Internet

By David Harley, September 2009

On the Information Superhighway, the traffic signals are always at amber. Here are some suggestions for reducing the risk from collisions and carjacks. Part One of a series of short papers.


Keeping Secrets: Good Password Practice

By David Harley and Randy Abrams, August 2009

Everyone knows that passwords are important, but what is a good password and how do you keep it safe?


Social Security Numbers: Identification is Not Authentication

By David Harley, August 2009

Americans are often expected to share their SSNs inappropriately: what are the security implications, and how serious are they?


Playing Dirty

By Cristian Borghello, August 2009

Describes in detail how criminals make money out of stealing online gaming credentials and assets.


Cybersecurity Review: Background, threatscape, best-practices and resources

By Jeff Debrosse

Cybersecurity is about protecting information and its related resources. This paper examines the different threats we face from cybercrime (the threatscape), real-world statistics to explain the scope and reach of cybercrime, and consumer and business best-practices — to protect both critical and non-critical information.


Free but Fake: Rogue Anti-malware

By Cristian Borghello, March 2009

Understanding and avoiding fake anti-malware programs that offer "protection" from malware that doesn't really exist.


Common Hoaxes and Chain Letters

By David Harley, May 2008

An ongoing series of papers that describe some of the commonly-found lies and half-truths that continue to circulate on the Internet, and discuss some ways of identifying them.


Net of the Living Dead: Bots, Botnets and Zombies

By David Harley and Andrew Lee, February 2008

Describes the botnet phenomenon in detail: its origins and history, current trends, and what you need to do about it.


The Spam-ish Inquisition

By David Harley and Andrew Lee, November 2007

A detailed overview of spam, scams and related nuisances, and some of the ways of dealing with them.


ESET Smart Security 4

By ESET Research Department, February 2009

A detailed overview of ESET's flagship security package by the team that brings you the ESET series of product-independent threat analyses.


A Pretty Kettle of Phish

By David Harley and Andrew Lee, July 2007

Understand and avoid the attentions of phishers and other Internet scammers.


Heuristic Analysis - Detecting Unknown Viruses

By David Harley and Andrew Lee, March 2007

A detailed analysis of the differences between traditional threat-specific detection and proactive detection by generic detection and behavior analysis.


The root of all evil? - Rootkits revealed

By David Harley and Andrew Lee, September 2006

This paper describes and de-mythologizes the rootkit problem, a serious but manageable threat.


The Passing Storm

By Pierre-Marc Bureau, David Harley, Andrew Lee, and Cristian Borghello, February 2009

The Storm botnet may have blown itself out, but its legacy remains. This paper places Storm in the context of botnets in general, examining its technical, social, and security implications.


Customer Value Enhancement of Endpoint Security Products

By Frost & Sullivan

Global, 2011


Endpoint Security: Proactive Solutions for Networkwide Platforms

By Andrew J. Hanson, Brian E. Burke and Gerry Pintal

IDC # 216642


Beyond Signature-Based Antivirus: New Threat Vectors Drive Need for Proactive Antimalware Protection

By Brian E. Burke

adapted from Worldwide Antivirus 2006-2010 Forecast Update and 2005 Vendor Analysis. IDC #204715


Malware Detection Techniques

By Frost & Sullivan