Cyber Security

0 Comments
Some useful advice for staying safe while hunting for bargains in this holiday season The holiday sales are here and shoppers will be out hunting for bargains, both online and offline. Retailers will create tempting email campaigns – some are already starting to hit my inbox – and cybercriminals will see the heightened online shopping
0 Comments
The unfortunate implications of a well-intentioned change to Google Play Developer policies – and the negative impact it has on ESET’s Android app customers When downloading an app from the Google Play store it’s likely that you are oblivious, unless you’re an app developer, to the Google Developer Policy that needs to be adhered to
0 Comments
A probe launched immediately after the discovery of the suspected incident has yet to establish the scale of the potential damage The United States’ National Aeronautics and Space Administration (NASA) has notified all of its employees that their personal data may have been exfiltrated in a suspected security incident discovered two months ago. “On Oct.
0 Comments
An interview with ESET researchers Tomáš Gardoň and Filip Kafka on their research of a malware toolkit used in espionage against the Malaysian government In a presentation at AVAR 2018, ESET’s Tomáš Gardoň and Filip Kafka uncovered their research of a previously undocumented espionage toolkit, used in targeted attacks against the Malaysian government in mid-2018.
0 Comments
ESET research shows that DanaBot operators have been expanding the malware’s scope and possibly cooperating with another criminal group DanaBot appears to have outgrown the banking Trojan category. According to our research, its operators have recently been experimenting with cunning email-address-harvesting and spam-sending features, capable of misusing webmail accounts of existing victims for further malware
0 Comments
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats SSH, short for Secure SHell, is a network protocol to connect computers and devices
0 Comments
A welcome return to the hacker conferences of yesteryear There used to just be hacker conferences, but now the societal impact of increasingly connected systems seems much higher, so specialty conferences are popping up. Seeking to bring policy-makers and influencers together, where could be a more appropriate location for CyberwarCon than Washington D.C.? Notably, it’s
0 Comments
Fitness-tracking apps use dodgy in-app payments to steal money from unaware iPhone and iPad users Multiple apps posing as fitness-tracking tools were caught misusing Apple’s Touch ID feature to steal money from iOS users. The dodgy payment mechanism used by the apps is activated while victims are scanning their fingerprint seemingly for fitness-tracking purposes. There
0 Comments
Defensive steps for Marriott Starwood guests worried their personal information may have been compromised by the massive data breach If you are into cybersecurity, or data privacy, or staying at hotels, you have probably heard that Marriott International – one of the world’s largest hotel chains – announced a huge data breach today involving the Starwood reservations
0 Comments
The hacking and extortion scheme took place over a 34-month period with the SamSam ransomware affecting over 200 organizations in the US and Canada The United States Department of Justice (DOJ) unsealed indictments against two alleged Iranian hackers accused of being the miscreants behind the infamous SamSam ransomware attacks. The six-count indictment named Faramarz Shahi
0 Comments
The country’s first fine under GDPR is lower than might have been expected, however, as the company was acknowledged for its post-incident cooperation and enhanced security measures A German social media platform called Knuddels.de has been fined with €20,000 following a breach that exposed the personal information of 330,000 users, including their passwords and e-mail
0 Comments
International law enforcement swoops on fake ad viewing outfit On Monday, October 22nd, a disruption action involving law enforcement bodies worldwide targeted “3ve”, a major online ad fraud operation. Today, on November 27, 2018, a 13-count indictment against eight defendants was unsealed. Out of these eight defendants, three are in custody and awaiting extradition. Ad fraud
0 Comments
Emotet starts another massive spam campaign just as Black Friday begins to pick up steam ESET has detected another large Emotet campaign, probably connected with the increased online shopping and email correspondence around Black Friday. Compared to the previous attacks, the operators have slightly modified their modus operandi. Emotet is still being distributed via spam
0 Comments
The breach exposed the personal data of 160,000 people and cost the telecom company £77 million Two young Brits have been jailed for their roles in the breach at the telecommunications company TalkTalk in 2015, The Guardian reports. The Old Bailey criminal court in London sentenced Matthew Hanley, 23, and Connor Allsopp, 21, both from Staffordshire,
0 Comments
ESET researchers identified 21 distinct websites that had been compromised including some particularly notable government and media sites ESET researchers have discovered a new watering hole campaign targeting several websites in Southeast Asia, and that is believed to have been active since September 2018. This campaign stands out because of its large scale, as we