The Latest in IT Security

Posts Tagged ‘russian colleagues’

Win32/Duqu analysis: the RPC edition

29
Oct
2011

My Russian colleagues Aleksandr Matrosov and Eugene Rodionov have found some time to do some more analysis on Win32/Duqu. (Don’t you guys sleep?) In the previous post (http://blog.eset.com/2011/10/25/win32duqu-it%e2%80%99s-a-date) they concentrated on analyzing the Duqu configuration file format and extracting the exact date on which the system was infected. This time they investigated Duqu’s RPC (Remote […]

Category General Written by ESET ThreatBlog 0 Comments

Read more ...

Cycbot: Ready to Ride

16
Jul
2011

My Russian colleagues Aleksandr Matrosov and Eugene Rodionov report that recently a cybercrime group called “Ready to Ride” has attracted their attention, by distributing malware of the Win32/Cycbot family. This group started in the fall last year, judging from the domain name registration date – readytoride.su was registered on 8th September 2010.Its primary activities were […]

Category General Written by ESET ThreatBlog 0 Comments

Read more ...

TDL file system

14
Jun
2011

@RedNose commented on the blog I put up recently about the tool my Russian colleagues have made available for dumping TDL’s hidden file system: I’m going to respond here in case anyone else is confused about this.“I ran the tool and it did not show anything. Does it mean that TDSS is not present?”No, that’s […]

Category General Written by ESET ThreatBlog 0 Comments

Read more ...

« Older Entries

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments