Press Clippings May 2012
May 16, 2012 Leave a comment
Click on thumbnails to view full articles.
IrishDev 16.05.2012
.
ConsumerChoice 14.05.2012
Millions have not reviewed Facebook privacy settings: Here’s how
May 16, 2012 Leave a comment
Here are two staggering Facebook privacy statistics: Nearly 13 million US Facebook users have never set, or don’t know about, Facebook’s privacy tools, and only 37 percent have used Facebook’s privacy tools to customize how much information is shared with third parties. That’s according to a Consumer Reports survey released earlier this month. Given that there are now over 900 million Facebook users, more than the population of most countries, and given the broad sharing that is Facebook’s default privacy setting, those stats strongly suggest a lot of people have some online privacy catching up to do.
A few months ago we highlighted Facebook security settings and how to enable various protections. In this post, we delve more into granular control of your data privacy. By ratcheting down your privacy settings, you can have more control over who can get to your data, helping to keep your social networking experience positive, and potentially preventing problems before they occur.
Protect Yourself
When you log into your account, you can view or modify your privacy settings on a pulldown menu under “Home” on the top right of the page. Here’s what mine looks like:
When you get to the Privacy landing page, you might notice your default settings are set to “Public”, here we update them.
Notice this is targeted at your default sharing options, you can also change them for specific items on the site by using the inline audience selector, but here it’s a good idea to select “Custom” and specify what fits your needs, here’s what’s shown by default:
That’s a little too public for many, so I make the default visibility to “Only Me”, keeping in mind that you can use the inline audience selector to widen the audience of particular data you want to share, but if you don’t, the default will be to keep it more private.
Notice you can also explicitly list people or lists you DON’T want to share things with, a sort of data sharing blacklist, which you may find useful if you opt to share with others but want to restrict certain aspects more granularly. If you select this option you are also presented with a note saying:
That means if you tag someone in a photo, for example, they will be able to view the photo, even though you don’t explicitly opt to share it.
Now let’s look at ways other people can access your profile information. We start by selecting the “Edit Settings” link back on the Privacy Settings page:
The default settings show “Everyone”, shown below:
These default settings are a little too permissive for my tastes, so I ratchet them down like this:
This setting keeps my profile a little more private. Back at the Privacy home page, let’s take a look at “Profile and Tagging” to control how information gets tagged and shared:
Here we can ratchet down who can post to your wall, who can see posts tagged in your profile, and so on. Below is the default:
I would prefer to restrict more content to friends only, so I change it to reflect that preference:
Also, you might want to control who can tag you in their content by enabling “Review posts friends tag you in before they appear on your profile” if you choose to restrict that.
Next we restrict past post visibility, which is a good idea if you’ve had a lot of posts in the past, and you’d prefer more granular control over how that information is shared:
When you edit this section, you are presented with a screen warning you about restricting past posts, warning that since it’s a global change, you may also choose to just restrict specific posts, rather than across your whole profile. Continue past this warning by selecting “Limit Old Posts.” You will be asked to confirm this choice, warning that this change may not be easy to undo.
Next we take a look at “Blocked People and Apps”, a sort of blacklist for specific functionality:
Click on “Manage Blocking” link, which opens the following dialog box:
This functionality can come in handy if you have been getting unwelcome interactions from someone on your friend list. Also, note that once you add a user to your Restricted List, they aren’t notified of the change, which is handy for dealing with potentially pestering friends wanting to know why you’ve changed your settings.
Summary
These are some of the basic protections that will help control the data sprawl of your private information. Of course, Facebook updates its security and privacy settings on fairly regular intervals, so we will provide updates from time-to-time. In combination with our earlier security post, this privacy primer should go a long way toward keeping your social networking safer and prevent problems with your personal data spreading further than you planned or expected.
11 Tips for protecting your data when you travel
May 15, 2012 Leave a comment
Recently FBI issued a warning about a threat involving hotel Internet service overseas and it produced a lot of requests for advice on how to respond to the threat. So researchers at ESET came up with a list of data security tips for travelers. These tips will help you keep your data safe while traveling and should defeat this particular threat (when a pop-up appears as you are signing in to the hotel Internet and asks you to update perform a software which is actually a malware infection).
- Make sure your operating system and antivirus software are updated before you go on the road.
- Backup your data before you head out (and store the backup in a safe place).
- Consider leaving some data behind or move sensitive data from your laptop hard drive to an encrypted USB stick.
- Make sure you have password protection and inactivity timeout engaged on all devices including laptops, tablets, and smartphones.
- If possible, only use reputable hotel Internet service providers (ask the hotel who their provider is before you book).
- If the hotel Internet asks you to update software in order to connect, immediately disconnect and tell the front desk.
- If you use hotel Internet to connect to your company network use a VPN.
- Do not use WiFi connections that are not encrypted with WPA (avoid WEP encrypted connections which are easily hacked).
- Consider getting a 3G or 4G hotspot and using that instead of hotel Internet.
- Avoid online banking and shopping while on any hotel or public Internet connection.
- Disable pop-ups in your web browser.
WEP/WPA? How to know which encryption scheme an access point offers
If you are using a Windows 7 laptop you can see the encryption type for any available access point when you display the list of access points from the network icon in the Taskbar (typically lower right of the screen). You may have to hover over the point in the list to see the information.
If you are using a MacBook you can Option-Click the Airport icon for a list that will display the encryption type of your current connection and, on hover, other connections, as shown on the right.
Bonus tip #1: If you are on the road and suspect that your Windows laptop has become infected you can get a free online scan from ESET.
Bonus tip #2: Don’t assume your laptop is safe from malware when traveling just because it is a Mac. Consider installing a reputable antivirus product, for example, you could install a free 30-day trial of ESET Cybersecurity for Mac OS X before you head out on your travels.
King of Spam: Festi botnet analysis
May 14, 2012 Leave a comment
We have just completed fresh analysis of the malicious software known as Win32/Festi. While the “Festi” botnet created with this malware has been in business since the autumn of 2009 we can see that the software is frequently updated, as described in our analysis, and these updates mean Festi continues to be a potent threat (Festi is detected by ESET as Win32/Rootki.Festi). You can download our whitepaper with the complete analysis here (.pdf). What follows are some of the highlights.
According to statistics from M86 Security Labs, Win32/Festi is one of the three most active spam botnets in the world. Thanks to plugin modules that we describe in our analysis Win32/Festi is also capable of being used for distributed denial of service (DDoS) attacks. The malware’s kernel-mode driver implements backdoor functionality and is capable of:
- Updating configuration data from the C&C (command and control server);
- Downloading additional dedicated plugins.
As show in the diagram on the right, the Win32/Festi kernel-mode driver periodically contacts the C&C server and requests plugins and configuration information. The downloaded plugins perform the bot’s main tasks, such as sending spam.
In an interesting twist, these plugins are kernel-mode drivers which aren’t saved on any storage device in the system and are volatile in memory. Thus, when the infected computer is switched off or rebooted, which a victim might do if they sense something is wrong with their system, the plugins vanish from system memory. This makes forensic analysis of the malware significantly harder since the only file stored on the hard drive is the main kernel-mode driver, and this contains neither the payload nor information regarding which sites to attack or target with spam.
Each plugin is dedicated to performing certain kinds of work such as performing DDoS attacks against a specified network resource or sending spam. The plugins communicate with the main driver through a well-defined interface which we have documented in our white paper.
Another interesting aspect of Win32/Festi that we describe in our analysis is the malware’s ability to bypass personal firewalls and HIPS systems that may be installed on the infected machine. To communicate with C&C servers and send spam and perform DDoS attacks, Win32/Festi relies on a TCP/IP stack implemented in Microsoft Windows OS in kernel-mode. However, the bot uses a custom implementation of the ZwCreateFile system service to send IRP requests directly to the transport driver.
Other evasive techniques that Win32/Festi employs include detecting whether it is running inside a VMware virtual machine and checking for the presence of a kernel debugger. We describe these in our detailed Win32/Festi analysis (.pdf).
Eugene Rodionov, Malware Researcher
Aleksandr Matrosov, Security Intelligence Team Lead
Monthly Threat Report: April 2012
May 9, 2012 Leave a comment
1. HTML/ScrInject.B
Previous Ranking: 1
Percentage Detected: 6.75%
Generic detection of HTML web pages containing script obfuscated or iframe tags that that automatically redirect to the malware download.
2. HTML/Iframe.B
Previous Ranking: 3
Percentage Detected: 4.54%
Type of infiltration: Virus
HTML/Iframe.B is generic detection of malicious IFRAME tags embedded in HTML pages, which redirect the browser to a specific URL location with malicious software.
3. INF/Autorun
Previous Ranking: 2
Percentage Detected: 4.32%
This detection label is used to describe a variety of malware using the file autorun.inf as a way of compromising a PC. This file contains information on programs meant to run automatically when removable media (often USB flash drives and similar devices) are accessed by a Windows PC user. ESET security software heuristically identifies malware that installs or modifies autorun.inf files as INF/Autorun unless it is identified as a member of a specific malware family.
Removable devices are useful and very popular: of course, malware authors are well aware of this, as INF/Autorun’s frequent return to the number one spot clearly indicates. Here’s why it’s a problem.
The default Autorun setting in Windows will automatically run a program listed in the autorun.inf file when you access many kinds of removable media. There are many types of malware that copy themselves to removable storage devices: while this isn’t always the program’s primary distribution mechanism, malware authors are always ready to build in a little extra “value” by including an additional infection technique.
While using this mechanism can make it easy to spot for a scanner that uses this heuristic, it’s better, as Randy Abrams has suggested in our blog (http://blog.eset.com/?p=94 ; http://blog.eset.com/?p=828) to disable the Autorun function by default, rather than to rely on antivirus to detect it in every case. You may find Randy’s blog at http://www.eset.com/threat-center/blog/2009/08/25/now-you-can-fix-autorun useful, too.
4. JS/Iframe.AS
Previous Ranking: 6
Percentage Detected: 4.14%
JS/Iframe.AS is a trojan that redirects the browser to a specific URL location with malicious software. The program code of the malware is usually embedded in HTML pages.
5. Win32/Conficker
Previous Ranking: 4
Percentage Detected: 2.86%
The Win32/Conficker threat is a network worm originally propagated by exploiting a recent vulnerability in the Windows operating system. This vulnerability is present in the RPC sub-system and can be remotely exploited by an attacker without valid user credentials. Depending on the variant, it may also spread via unsecured shared folders and by removable media, making use of the Autorun facility enabled at present by default in Windows (though not in Windows 7).
Win32/Conficker loads a DLL through the svchost process. This threat contacts web servers with pre-computed domain names to download additional malicious components. Fuller descriptions of Conficker variants are available at http://www.eset.eu/buxus/generate_page.php?page_id=279&lng=en.
While ESET has effective detection for Conficker, it’s important for end users to ensure that their systems are updated with the Microsoft patch, which has been available since the third quarter of 2008, so as to avoid other threats using the same vulnerability. Information on the vulnerability itself is available at http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx. While later variants dropped the code for infecting via Autorun, it can’t hurt to disable it: this will reduce the impact of the many threats we detect as INF/Autorun. The Research team in San Diego has blogged extensively on Conficker issues: http://blog.eset.com/?cat=145
It’s important to note that it’s possible to avoid most Conficker infection risks generically, by practicing “safe hex”: keep up-to-date with system patches, disable Autorun, and don’t use unsecured shared folders. In view of all the publicity Conficker has received and its extensive use of a vulnerability that’s been remediable for so many months, we’d expect Conficker infections to be in decline by now if people were taking these commonsense precautions. While the current ranking looks like a drop in Conficker prevalence, this figure is affected by the changes in naming and statistical measurement mentioned earlier: there’s no indication of a significant drop in Conficker infections covering all variants.
6. Win32/Sirefef
Previous Ranking: 7
Percentage Detected: 1.95%
Win32/Sirefef.A is a trojan that redirects results of online search engines to web sites that contain adware.
7. JS/TrojanDownloader.Iframe.NKE
Previous Ranking: 7
Percentage Detected: 1.86%
It is a trojan that redirects the browser to a specific URL location with malicious software. The program code of the malware is usually embedded in HTML pages.
8. JS/Agent
Previous Ranking: 5
Percentage Detected: 1.55%
The trojan displays dialogs that ask the user to purchase a specific product/service. After purchasing the product/service, the malware removes itself from the computer. Trojan is probably a part of other malware.
9. Win32/Dorkbot
Previous Ranking: 9
Percentage Detected: 1.53%
Win32/Dorkbot.A is a worm that spreads via removable media. The worm contains a backdoor. It can be controlled remotely. The file is run-time compressed using UPX.
The worm collects login user names and passwords when the user browses certain web sites. Then, it attempts to send gathered information to a remote machine. This kind of worm can be controlled remotely.
10. JS/Redirector
Previous Ranking: 10
Percentage Detected: 1.41%
JS/Redirector is a trojan that redirects the browser to a specific URL location with malicious software. The program code of the malware is usually embedded in HTML pages.
Could your next new car be hacked (should you be scared)?
May 2, 2012 Leave a comment
The wave of new data technology making its way into the next generation of cars – ranging from vehicles which semi-autonomously drive themselves, to realtime data streaming onto head’s up displays – begs the question: will they be safe from cyber shenanigans, or will you have to deploy security software on your next (probably hybrid) car?
At Blackhat last year, I watched a demo of hacking a car using wireless, where they were able to unlock its doors and start it up. The team that did the demo disclosed the situation to the car manufacturer, with the hope they could put protections in place to stop those with less-than-noble intentions (and free time) to try the same. But what if the hacking team decided to go the “Dark Side” and started unlocking cars and driving them off to chop shops?
Traditionally, cars have had rudimentary computing systems, implemented to carry out fixed tasks like measuring fuel for injection, making your transmission shift more smoothly under gentle acceleration or to improve gas mileage – things like that.
But with some manufacturers hoping to roll out location-aware browser-based or embedded information systems, can scams be far behind? Browser-based exploits have a long and inglorious history on more traditional platforms. So with the computer power required to launch these new data-driven cars, ushering in a raft of accompanying full-featured embedded computers, can that be a more full-featured scam platform as well? As we’ve seen with recent Java-related exploits (with more independence from the underlying host OS), it’s easy to imagine a Java app working its way into the car systems and doing things you wouldn’t suspect in your car, like exfiltrate your data to some remote location (or far worse).
To be sure, manufacturers of cars tend to test their systems a little more fully than a hot Silicon Valley startup vying for VC capital, where the motto tends to be “launch fast, iterate fast.” But cars tend to stay around for 10 years or more, making a vulnerability in the software stack more tricky to manage, especially over time. Automotive recalls are famously expensive, and tend to have a cooling effect for the brand in general, but what happens when some corner-case (or mainstream) hack crops up on a several year old model, as in the case of the Blackhat demo? While there may be an update cycle that can be pushed over-the-air, updates and patch cycles gone awry could have much more scary side-effects than, say, your mousepad not scrolling like it used to.
Generally speaking, auto manufacturers seem to be planning more batches of read-only interfaces than read-write, where the car simply reports on systems and information, so there’s less chance of systems introducing problems, say, from users grabbing a keyboard, logging in as Administrator, and then installing things. That’s a good thing. But still there are myriad wireless technologies in the works to serve up information to occupants, and that tends to also have the ability to be susceptible to nefarious downloadable nastiness.
Will we see anti-malware software for your car? I think it’s too soon to tell. Hopefully good design will blunt or remove the need. On the other hand, it certainly opens up new horizons for those seeking to socially engineer you based on information that may be gathered from your car’s systems, obtained either ethically or otherwise, directly from the car, or down the line. If retail marketers knew you always drove past their store, they might target their messaging to be relevant to you, especially if they could data-mine from the streams reported by your car. And the thought of automotive-based ransomware is very scary indeed; whether or not it could disable your car or simply purport to, it’s still unnerving.
Hopefully, manufacturers will engage the security community early and throughout the process to help with analysis, recommendation, and testing, which will hopefully keep us all safer from car-based hacks. If that fails, you may find even more motivation to dust off that Corvette restoration project sitting in the back of your shed and breath new life into it. It’s old and boring technologically-speaking, but you know what you’re getting, and not more.
For more reading on this topic, check out:
- Article on vehicular vulnerabilities in Scientific American last year.
- A 2010 article from “The Truth About Cars” describing core automotive computer technology like OBD-II and ECU, and CAN.
- Interesting 2010 research paper referenced in the above article: Experimental Security Analysis of a Modern Automobile.
- Need help finding the ODB-II port on your car? It is the same technology the Progressive insurance company uses for its “Snapshot” rate reduction device.
Cameron Camp
Security Researcher
Privacy and Security in the Consumer Cloud: The not so fine print
April 30, 2012 1 Comment
The consumer cloud expanded again this week with the addition of Google Drive to more familiar brands like Dropbox, Microsoft SkyDrive, Apple iCloud, and Amazon Cloud Drive. Unfortunately, most of these cloud-based file storage services come with privacy and security caveats, often involving language such as “You give us the right to access, retain, use and disclose your account information and Your Files…” and “We do not guarantee that Your Files will not be subject to misappropriation, loss or damage and we will not be liable if they are…”
Why cloud?
Before I explain why it is now more important than ever to read the “Terms of Service” and “Privacy Policy” that apply to any online services you may want to use, let me say a few words about what the consumer cloud means in practical terms. It means Internet access to gigabytes of online storage space–at low or no cost–from a wide range of devices, desktop to smartphone.
Full access is provided to the account holder and partial access may be made available to third parties designated by the account holder, like friends and family, on some consumer cloud services (we will deal with service operator access in a moment).
The way that people use and access consumer cloud services varies considerably but here’s just one example: I have about 30 gigabytes of music on my Amazon Cloud Drive. This happened when I got a Kindle Fire for Christmas and, in my enthusiasm to explore it without first reading the manual, accidentally initiated a 5-day sync-a-thon between one of my home computers and the Amazon cloud.
I decided to let the massive file transfer run its course and as a result I am now enjoying almost instant access to a familiar collection of thousands of songs in my own cloud, from just about any Internet-enabled device. When I buy new songs from Amazon they auto-magically get added to my Cloud Drive which enables me to pull down a local copy to any device.
Are they private?
I am happy to tell people about my use of the cloud for music storage because all of my MP3s are legal copies, ripped from my own CDs or purchased from either iTunes or Amazon. But what if someone questions that assertion? Could Amazon or some other entity scan my cloud drive for illegal content? Yes. Consider this section of the Amazon Cloud Drive Terms of Use:
5.2 Our Right to Access Your Files. You give us the right to access, retain, use and disclose your account information and Your Files: to provide you with technical support and address technical issues; to investigate compliance with the terms of this Agreement, enforce the terms of this Agreement and protect the Service and its users from fraud or security threats; or as we determine is necessary to provide the Service or comply with applicable law.
In other words, there is a fairly broad range of circumstances under which Amazon might look at your stuff, whether it is MP3s, JPEGs, PDFs, spreadsheets, doc files, or anything else you might decide to put in your cloud (you will find roughly similar language in the terms of use for Google Drive, Dropbox, Microsoft SkyDrive, and Apple iCloud). How you feel about these terms may depend on what your files contain. For example, it would be convenient for me to store all of my digital photos in the cloud, but my feelings about that are quite different from my feelings about storing music files in the cloud.
I do not mean to single out Amazon. As Sean Ludwig at VentureBeat recently pointed out, there are many similar policies at Apple, Google, Dropbox, and Microsoft. He points to a longer article containing a useful comparison of the various consumer cloud providers–with the unexplained exception of Amazon–over at The Verge. As both articles point out, Google may have a bigger perception problem in the privacy arena than other consumer cloud providers because Google Drive is covered by the company’s omnibus privacy policy that highlights just how many different pieces of information Google stores about the people who use its services.
Are they serious?
An area of added concern that extends to several of the companies mentioned is the reservation of rights to use your cloud content to advance the interests of the cloud service provider. Here is Google:
When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones.
Quite frankly, Google’s lawyers could have made that whole paragraph a lot less scary if they had put the meat of the last sentence first, thereby making it clear that there are limited circumstances under which Google can use the very broad rights you are granting to them by uploading your stuff. Unfortunately, I’m pretty sure the words still mean the following scenario is entirely possible and legal: that special song you wrote and recorded and uploaded to Google Drive shows up on TV as part of a Google ad campaign, illustrated by those photos you took of your girlfriend (and this could happen without warning and without payment). Of course, you might be happy for the exposure, but that probably depends on the content of the song, the nature of photos, and even the current state of your relationships.
Are they secure?
Clearly, there are many good reasons to read the terms of use and privacy policies of any cloud service you are considering using before you start to upload files. If you need further persuasion, consider what one provider says about the security of your cloud data:
5.3 Security. We do not guarantee that Your Files will not be subject to misappropriation, loss or damage and we will not be liable if they are. You’re responsible for maintaining appropriate security, protection and backup of Your Files.
That’s right, you are on your own when it comes to security. I do not get a warm and fuzzy feeling from this paragraph, which is part of the Amazon Cloud Drive terms of use. And I wonder how the Amazon Marketing department got away with this statement used to encourage people to pay for storage on Amazon Cloud Drive: Your files are securely stored online.
What they mean is that you have a backup of your local files in the cloud, not that there is anything inherently secure about their cloud. After all, as section 5.3 of the terms of use is going to tell you: When it comes to security, all bets are off.
All of which means I am not keen to put anything precious or hard to replace on that cloud drive unless I already have a strongly protected local backup. And bear in mind that the Amazon claim is arguably even more disingenuous if you buy files like books and music and video that are delivered to the cloud and never downloaded.
Indeed, cloud security disclaimers should give companies as well as consumers cause for concern. At an information security conference in San Diego last October the chief privacy counsel of a major insurance company made a strong case for saying that standard cloud services are not compatible with privacy regulations such as Gramm–Leach–Bliley. In other words, standard cloud contracts don’t come with enough privacy and security assurances to permit their use for storing sensitive personal information that is subject to legal penalties for non-compliance.
Finally, even if compliance doesn’t concern you, think about what stands between your data in the consumer cloud and anyone who might want to steal it, ransom it, or otherwise mess with it: a password. That’s right, we are in the second decade of the twenty-first century and the security of your cloud data depends on nothing more than your ability to create and protect an unguessable password. Until that changes, the bottom line is sad but simple: When you drive into the cloud you do so at your own risk.
Stephen Cobb
ESET Security Expert
ESET Tops Worldwide Growth List for Consumer Security
April 26, 2012 Leave a comment
ESET Tops Worldwide Growth List for Consumer Security in Leading Industry Analyst Firm’s Security Software Market Share Report
For the second straight year, Gartner has ranked ESET as the security software vendor with the largest worldwide growth in consumer security. According to Gartner’s “Market Share: Security Software, Worldwide, 2011” report, which was released in late March 2012, ESET grew by 30.10 percent.
According to the report, “The security software market continues to show resilience at a time of IT budget restrictions. The market grew 7.5 percent in 2011.”
“We are consolidating our position as one of top security software for consumers, and we believe that Gartner’s analysis is recognizing it. The team behind our products – talented researches and developers – has been focused on understanding the threats for end users for a long time and we are happy to see that effort is being rewarded by our customers around the globe,” said Ignacio Sbampato, ESET chief sales and marketing officer.
During 2011, ESET has worked closely with its exclusive distributors from all around the globe to develop new sales channels, making it possible for home and small office users to access products in an easier way. Those channels include Apple Stores in North America, Staples, Saturn and MediaMarkt in several European countries, plus the tens of thousands of specialized resellers that deal with ESET software.
ESET has long been recognized for offering solutions that provide superior protection. By utilizing unique ThreatSense technology, all ESET products deliver real-time protection from spyware, viruses and other threats while using very little memory and CPU resources. Since 2011, ESET products include a new version of its cloud-based reputation system, ESET LiveGrid, which significantly improves the user’s protection against unknown threats. Additionally, ESET saw extensive growth in the consumer security market in 2011 with its award-winning anti-malware solutions ESET NOD32 Antivirus, ESET Smart Security, ESET Cyber Security for Mac, as well as ESET Mobile Security (for Windows Mobile, Symbian and Android platforms).
ESET Leads in Security Software Satisfaction (even) in Japan
April 24, 2012 Leave a comment
Now, because we already know you absolutely love us in Ireland, we wanted to find out what they think of us in Japan.
And it comes as no surprise, really, that in Japan ESET has been announced the leader in consumer satisfaction by the ASCII General Research Institute (part of ASCII Media Works). ESET product lines were the top choice for Japanese consumer segment customers among paid products: leading in eleven out of twelve categories. ESET is the brand of choice especially for power users, who are often utilising the advanced settings of computers.
ESET has achieved the top 91.00 point score which is more than 16 higher than the closest competitor Symantec and more than nine points higher than AVG, the winner of the paid AV category. ESET security solutions were ranking as best among paid AV products in the category of Response Speed of Resident Software (90.4), Security Performance (87.5), Support (78.9) and came out as the second most popular paid software in cost-effectiveness (73.2).
“Japanese customers are well-known for their high demands on technological quality, service and technical support and we are proud to have received this honor for a second time. Thanks goes to our partner in Japan – Canon IT Solutions, our valued customers and of course the talented ESET team worldwide,” says ESET.
ESET Products Leading in Overall Satisfaction in Japan (ASCII General Research Institute)
| Rank | Producer | Product | Satisfaction Rating (after purchase) |
| 1 | ESET (Canon IT Solutions partner company in Japan) | ESET series | 91.0 points |
| 2 | Symantec | Norton series | 74.2 points |
| 3 | Kaspersky | Kaspersky series | 72.6 points |
| 4 | SourceNext | Virus/Super Security ZERO series | 68.8 points |
| 5 | Trend Micro | Virus Buster series | 68.6 points |
| 6 | McAfee | McAfee series | 67.3 points |
The ASCII General Research Institute survey took place end of February and respondents were part of ASCII General Research monitor group (including readers of magazines Shukan (Weekly) ASCII, ASCII Dot PC, Mac People and ASCII.jp). The respondents evaluated the individual features and overall impression of each product by ratings “very good” (100 points), “good”, “moderate”, “bad” and “very bad” (0 points).
DNS Changer (re)lived, new deadline: 9 July 2012!
April 23, 2012 Leave a comment
As written in our “Password management for non-obvious accounts” blog post on February 22, the FBI confiscated the DNS Servers used by the DNS Changer malware and replaced them with different servers so that infected users would not be left without internet right away. Initially these replacement DNS Servers were to be taken offline on March 7, 2012. That meant any users who had not yet cleaned their systems and restored their DNS configuration would find themselves unable to use the internet.
All internet users were urged to check and clean their systems before March 7. However, due to the large number of affected systems and the unprecendent amount of effort involved, a federal judge in New York has ordered that the replacement DNS Servers not be taken offline before 9 July 2012. This may seem like good news but in reality it means that too many systems are still affected and dismantling the replacement DNS Severs would cause havoc.
One way to check if your system is affected by this DNS Changer malware is to use a free DNS check that several websites offer. If you rely (or have relied) on these websites, please be aware that some websites may be tampered with or malicious and give you the wrong advice. To be sure you use legitimate websites that offer this feature, ESET has verified that this US-website and this European-website have the proper checks and give sound advice.
Another good way to check if your Windows system is affected by any variant of the DNS Changer malware or any type of other malware is to use the free ESET Online Scanner. ESET’s Online Scanner for Windows employs ThreatSense scanning technology and is updated several times a day with detection and automatic remediation of newly discovered threats.
If you are using a Mac, then you can scan your system and remove malware like DNS Changer with a free trial version of ESET Cybersecurity for Mac.
Please be aware that if your system is still affected by DNS Changer come 9 July you may not be able to use the internet any longer. When that happens, especially for less technical people, it may be problematic to clean your system manually. A quick online scan takes just a short time and can prevent you and your system suffering further complications that could be awkward to resolve.
Righard Zwienenberg
Senior Research Fellow
RSS Feed
ESET Ireland
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. We pioneered and continue to lead the industry in proactive threat detection. ESET NOD32® Antivirus, our flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security
