Cyber Security

0 Comments
ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox ESET researchers found a previously undocumented backdoor and document stealer. Dubbed Crutch by its developers, we were able to attribute it to the infamous Turla APT group. According to our research, it was used from 2015 to, at least, early
0 Comments
Without ever setting foot in the lab, a threat actor could dupe DNA researchers into creating pathogens, according to a study describing “an end-to-end cyber-biological attack” Researchers have described a theoretical cyberattack that could be used to dupe unsuspecting scientists into producing dangerous biological substances, toxins and synthetic viruses. The paper, authored by researchers from Israel’s
0 Comments
The U.S. law enforcement agency shares a sampling of more than 90 spoofed FBI-related domains registered recently The Federal Bureau of Investigation (FBI) has issued a warning about domains designed to spoof the Bureau’s official website, fbi.gov. The alert lists more than 90 such fraudulent websites that have been registered recently. “The FBI observed unattributed cyber actors
0 Comments
This won’t be music to your ears – researchers spot an unsecured database replete with records used for an account hijacking spree Researchers have found an unsecured internet-facing database containing over 380 million individual records, including login credentials that were leveraged for breaking into 300,000 to 350,000 Spotify accounts. The exposed records included a variety
0 Comments
The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data Security vulnerabilities in Bumble, one of today’s most popular dating apps, could have exposed the personal information of its entire, almost 100 million-strong user-base. The bugs – which affected Bumble’s application programming interface (API) and stemmed
0 Comments
ESET researchers uncover a novel Lazarus supply-chain attack leveraging WIZVERA VeraPort software ESET telemetry data recently led our researchers to discover attempts to deploy Lazarus malware via a supply-chain attack in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates
0 Comments
Backdoor authors show deep knowledge of the targeted POS software, decrypting database passwords from Windows registry values ESET researchers have discovered ModPipe, a modular backdoor that gives its operators access to sensitive information stored in devices running ORACLE MICROS Restaurant Enterprise Series (RES) 3700 POS – a management software suite used by hundreds of thousands of
0 Comments
Looking for vulnerabilities, securing systems or dismantling them, these are all viable career paths in the cybersecurity industry. Could one of them be right for you? The abundance of cyberthreats and shortage of skilled professionals, as well as competitive salaries and interesting job descriptions, are some of the reasons why a career in cybersecurity remains
0 Comments
Could a career in cybersecurity be right for you? – Google discloses a zero-day bug in Windows – Video game maker Capcom suffers a breach This week, we marked Antimalware Day and on this occasion we looked at the global cybersecurity workforce gap and some of the ways in which it could be plugged. Google
0 Comments
The developer of popular video game franchises took swift action to prevent the attack from spreading further across its systems Japanese video game developer Capcom has disclosed that it was the victim of a cyberattack that affected some of its systems. The publisher of a long list of popular franchises, including Street Fighter and Resident
0 Comments
There’s no shortage of opportunities for cybersecurity professionals and people looking to break into this field of endeavor. Could this also be the right career path for you? You’re most probably aware of the unbalanced equation between demand and supply in cybersecurity workforce, a fact all the more dire when you consider the myriad hazardous
0 Comments
The security hole isn’t expected to be plugged until the forthcoming Patch Tuesday bundle of security fixes Google’s Project Zero researchers have disclosed details about a zero-day vulnerability in Windows that they say is being exploited by attackers. The memory-corruption flaw resides in the Windows Kernel Cryptography Driver (cng.sys) and, according to Google, “constitutes a
0 Comments
Just in time for Halloween, we look at the haunting reality of data breaches and highlight five tales that spooked not only the cyber-world Halloween, the scariest day of the year, is upon us! However, traditional observations of the popular holiday may be hindered by the pandemic raging outside. Instead of children roaming the streets
0 Comments
A view of the Q3 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts As the world braces for a pandemic-ridden winter, COVID-19 appears to be losing steam at least in the cybercrime arena. With coronavirus-related lures played out, crooks seem to have gone “back
0 Comments
In-game chats were flooded with messages from somebody who tried to coerce players into subscribing to a dubious YouTube channel InnerSloth, the developer of the popular whodunnit social deduction game Among Us, has had to fight off a cyberattack affecting its players during their online matches. The incident that started some time on Thursday took the