ESET Research ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces ESET Research 18 Dec 2023 • , 1 min. read In this episode of our podcast, ESET malware researchers talk about the dynamics within and between various Neanderthal
Month: December 2023
Dec 19, 2023NewsroomCryptojacking / Cyber Threat The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This
Database provider MongoDB has alerted customers to a data breach in which some account and contact information was compromised. An email from MongoDB CISO, Lena Smart, sent to customers late last week was republished on X (formerly Twitter) by the vx-underground account. “MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate
Dec 18, 2023NewsroomSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency
The UK government has proposed new rules designed to regulate the datacenter sector, in a bid to improve baseline cybersecurity and resilience. It’s seeking industry feedback on a new consultation document, Protecting and enhancing the security and resilience of UK data infrastructure, which will be open until February 22 2024. Under the current proposals, datacenter providers
Video Your iPhone has just received a new feature called iMessage Contact Key Verification that is designed to help protect your messages from prying eyes 15 Dec 2023 Apple has shipped iOS 17.2 to all users and it includes a new feature that is intended to protect users from attackers who could be misusing the
Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that
Four US residents have been charged with a series of money laundering offenses connected to a major “pig butchering” fraud syndicate. Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, of Rosemead, California; and Hailong Zhu, 40, of Naperville, Illinois, are charged with conspiracy to commit money laundering, concealment
ESET researchers analyzed a growing series of OilRig downloaders that the group has used in several campaigns throughout 2022, to maintain access to target organizations of special interest – all located in Israel. These lightweight downloaders, which we named SampleCheck5000 (SC5k v1-v3), OilCheck, ODAgent, and OilBooster, are notable for using one of several legitimate cloud
Dec 16, 2023NewsroomCyber Security / Incident Response China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to “improve the comprehensive response capacity for data security incidents, to ensure timely and effective control,
Tens of thousands of current and former employees of a leading US cybersecurity and nuclear research laboratory were impacted by a major data breach discovered in November, it has been revealed. The Idaho National Laboratory (INL) said in an updated notice published this week that it first became aware of the incident on November 20.
Cybercrime continues to grow rapidly; indeed, it is a highly lucrative global industry. Without accurately accounting for profits from cybercrime (1, 2), we are left looking at the staggering estimated cost of US$7.08 trillion in 2022 for reference. Measured in terms of GDP, the illegal proceeds would rank as the third-largest “economy” worldwide. Regardless, this
Dec 15, 2023NewsroomPrivacy / User Tracking Google on Thursday announced that it will start testing a new feature called “Tracking Protection” starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit “cross-site tracking by restricting website access
Microsoft has gone after a prolific Vietnam-based threat group it describes as “the number one seller and creator” of fake accounts. Storm-1152 has made millions from the creation of an estimated 750 million fraudulent Microsoft accounts that play a key role in the cybercrime ecosystem, the Redmond giant said. “With companies able to quickly identify
ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency,
Dec 14, 2023NewsroomVulnerability / Data Breach A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. “GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website
Ukraine has claimed a major scalp in the ongoing cyber-war with Russia, saying it has effectively crippled the Kremlin’s tax system. The country’s Ministry of Defense said its Defence Intelligence unit (GUR) conducted a “special operation” leading to the compromise of central servers of Russia’s Federal Taxation service (FTS), and over 2300 regional servers. These
Mobile Security A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable. Márk Szabó 11 Dec 2023 • , 3 min. read In a world of instant communication and accelerated by the ever-spreading notion that if you
Dec 13, 2023NewsroomPatch Tuesday / Windows Security Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition
Apache has warned customers of a critical remote code execution (RCE) vulnerability in its popular Struts 2 framework. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. The new vulnerability, CVE-2023-50164, has been given a maximum severity rating and affects Struts 2.0.0-2.3.37 (EOL), Struts 2.5.0-2.5.32, and Struts 6.0.0-6.3.0. “An
We Live Progress ChatGPT would probably say “Definitely not!”, but will we learn any lessons from the rush to regulate IoT in the past? Tony Anscombe 11 Dec 2023 • , 3 min. read The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public
Dec 12, 2023NewsroomZero Day / Vulnerability Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices. This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find
Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor analyzed data from software scans over 90 days between August 15 and November 15 2023. These covered 38,278 unique applications running Log4j versions 1.1 to 3.0.0-alpha1 across
Critical Infrastructure Legacy protocols in the healthcare industry present dangers that can make hospitals extremely vulnerable to cyberattacks. Tony Anscombe 08 Dec 2023 • , 3 min. read The healthcare industry will, I am sure, remain a significant target for cybercriminals due to the huge potential it provides them to monetize their efforts through ransomware
Dec 11, 2023NewsroomData Security / Mobile Security Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. “Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while
Europe’s cybersecurity agency has warned that geopolitics is fueling a current increase in denial-of-service (DoS) attacks. ENISA analyzed 310 publicly reported DoS attacks between January 2022 and August 2023, to compile its ENISA Threat Landscape for DoS Attacks report. It claimed that two-thirds (66%) were motivated by political reasons or activist agendas, with half (50%)
Video ESET Research reveals details about a growth in the number of deceptive loan apps on Android, their origins and modus operandi 08 Dec 2023 This week, ESET researchers have taken a look at a steep increase in deceptive loan apps for Android. According to ESET Research, there has been a large growth of these
Dec 09, 2023NewsroomCyber Threat / Hardware Security Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature
The UK’s privacy regulator has warned of falling public trust in AI and said any use of the technology which breaks data protection law would be met with strong enforcement action. Speaking at techUK’s Digital Ethics Summit 2023 on Wednesday, information commissioner, John Edwards, pointed to organizations using AI for “nefarious purposes” in order to
Magnetic stripe cards were all the rage 20 or so years ago, but their security was fragile, and the requirement for signatures often added to the hassle of transactions – not to mention, they lacked data encryption, making them vulnerable to skimming and cloning by criminals. Chip-based cards emerged as a successor, offering enhanced security