What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks The NSA and CISA have released joint guidance to help organizations select their Virtual Private Network (VPN) solution and hardening it against compromise. Vulnerable VPN servers are attractive targets for threat actors, as they provide great opportunities
Cyber Security
The emergency release comes a mere three days after Google’s previous update that plugged another 19 security loopholes Google has released an emergency update for its Chrome web browser to fix a zero-day vulnerability that is known to be actively exploited in the wild by malicious actors. The security loophole affects the Windows, macOS, and
While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented Researchers have uncovered a flaw in Apple’s macOS Finder system that could allow remote threat actors to dupe unsuspecting users into running arbitrary commands on their devices. The security loophole affects all versions of the macOS Big
Analysis of Numando banking trojan, steps to mitigate attack surface, and more! – Week in security with Tony Anscombe In this edition of Week in security, Tony looks at these topics: ESET Research continues its series on Latin American banking trojans, this time dissecting Numando, which targets mainly Brazil and rarely Mexico and Spain. An
The (probably) penultimate post in our occasional series demystifying Latin American banking trojans. Before concluding our series, there is one more LATAM banking trojan that deserves a closer look – Numando. The threat actor behind this malware family has been active since at least 2018. Even though it is not nearly as lively as Mekotio
Discover the best ways to mitigate your organization’s attack surface, in order to maximize cybersecurity. In almost all coverage of modern breaches you’ll hear mention of the “cyberattack surface” or something similar. It’s central to understanding how attacks work and where organizations are most exposed. During the pandemic the attack surface has grown arguably further
The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML. The arrival of the second Tuesday of the month can only mean one thing in cybersecurity terms, Microsoft is rolling out patches for security vulnerabilities in Windows and its other offerings. This time round Microsoft’s
The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks. While users already had the option to back up their message history using cloud-based services, they will soon be able to store their backups end-to-end encrypted (E2EE), WhatsApp has announced. The introduction of the new feature
From cybercriminal evergreens like phishing to the verification badge scam we look at the most common tactics fraudsters use to trick their victims Instagram is one of the most popular social media platforms. Indeed, with over one billion monthly active users it is among the top four most popular social media networks in the world. That figure,
Elderly men and women were the main targets of the romance scams operated by the fraudsters. A United States Army Reservist has been sentenced to 46 months and ordered to and pay approximately US$1.8 million in restitution after he was found to be involved in a scheme to commit romance and business email compromise (BEC) scams against
The university suffered a ransomware attack, however there is no evidence so far of data being accessed or stolen. Howard University, a private research university based out of Washington D.C. admitted that it suffered a cyberattack on Friday. The university alerted both the Federal Bureau of Investigation and the D.C. city government about the incident
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, and that has been active since at least March 2020. ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group. This campaign has been active since at least March 2020, distributing (via dedicated Facebook profiles) two Android
Following the incident the company has updated its website and privacy policy to clarify its legal obligations to its userbase ProtonMail a Swiss-based secure email provider has been at the center of some controversy after it was forced to share the IP address of one of its clients, a climate activist, with law enforcement agencies
Les chercheurs d’ESET expliquent les détails d’une faille découverte dans VaxiCode Vérif, l’application mobile permettant la vérification des preuves vaccinales québécoise La sortie d’applications mobiles permettant le stockage et la vérification du passeport vaccinal par le gouvernement du Québec (VaxiCode et VaxiCode Vérif) a fait couler beaucoup d’encre la semaine dernière. C’est avec raison; l’application
Vaccination passports may facilitate the return to normalcy, but there are also concerns about what kinds of personal data they collect and how well they protect it. Here’s what you should know. Technology has been front and center throughout the COVID-19 pandemic, but not without presenting a few issues and challenges. Proof of vaccination and
Smartphones are kids’ trusty companions both in- and outside the classroom, and as they return to their desks, we’ve prepared some handy tips on how to keep their devices secure. While in some parts of the world kids have already returned to their classrooms, in virtual form or in person, in others they are just gearing
Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users. Twitter has unveiled a new feature called Safety Mode aimed at curbing abusive behavior, by autoblocking any unwanted tweets and other forms of online harassment. Currently the feature is available to a handful of users.
The federal agency urges organizations to ditch the bad practice and instead use multi-factor authentication methods The Cybersecurity and Infrastructure Security Agency (CISA) has added the use of single-factor authentication to its brief list of bad practices that it considers to be exceptionally risky when it comes to cybersecurity. “Single-factor authentication is a common low-security
ESET’s cybersecurity expert Marc-Étienne Léveillé analyses in-depth the Quebec’s vaccine proof apps VaxiCode and VaxiCode Verif. The launch of the mobile applications allowing the storage and verification of the vaccination passport by the Quebec government (VaxiCode and VaxiCode Verif) has caused a lot of ink to flow last week. It is with good reason; the
It might be tempting to blame the record-high costs of data breaches on the COVID-19 pandemic alone. But dig deeper and a more nuanced picture emerges. Any narrative about cybersecurity in 2020 is naturally going to focus on the COVID-19 pandemic. This once-in-a-generation crisis and the digital transformation it accelerated both broadened corporate attack surfaces
The man was after sexually explicit photos and videos that he would then share online or store in his own collection A California man has fessed up to breaking into the Apple iCloud accounts of hundreds of individuals and downloading more than 620,000 images and 9,000 videos while on the prowl for nude photos of
Meet SparklingGoblin, a member of the Winnti family ESET researchers have recently discovered a new undocumented modular backdoor, SideWalk, being used by an APT group we’ve named SparklingGoblin; this backdoor was used during one of SparklingGoblin’s recent campaigns that targeted a computer retail company based in the USA. This backdoor shares multiple similarities with another
The caches of data that were publicly accessible included names, email addresses and social security numbers A total of 38 million records stored across hundreds of Microsoft Power Apps portals have been found sitting unprotected on the internet. The treasure trove of data included a variety of personally identifiable information (PII) ranging from names and
One man’s trash is another man’s treasure – here’s why you should think twice about what you toss in the recycling bin Are you a serial shredder or do you tend not to bother thinking about what personal data is thrown in the waste? Have you ever thought what a cybercriminal could do after simply
Japanese cryptocurrency exchange Liquid suspends cryptocurrency deposits and withdrawals and moves its assets into cold storage Japanese cryptocurrency exchange platform Liquid has fallen victim to enterprising hackers who compromised its warm wallets and made off with more than US$97 million in various cryptocurrency assets. “At roughly 7:50 AM SGT on August 19th, Liquid’s Operations and
Ransomware payments may have greater implications than you thought – and not just for the company that gave in to the attackers’ demands Firstly, the answer to the question is likely to be ‘yes’. The debate on ransomware payments continues, which, of course, is positive; with discussion and differing viewpoints put forward, an informed conclusion
Fraudsters impersonate vaccine manufacturers and authorities overseeing vaccine distribution efforts, INTERPOL warns INTERPOL has issued a global warning about organized crime groups targeting governments with bogus offers peddling COVID-19 vaccines. The warning was issued to all of INTERPOL’s 194 member countries after the international law enforcement agency registered roughly 60 cases from 40 countries. The scammers focused
The secret list was exposed online for three weeks, allowing anyone to access it without any kind of authentication A terrorist watchlist containing almost 2 million records sat exposed and unsecured on the internet for a period of three weeks between July 19th and August 9th. The watchlist is said to come from the Terrorist
The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, which we
A new paper explains how ransomware has become one of the top cyberthreats of the day and how your organization can avoid becoming the next victim The infosec community has long been warning that ransomware has the potential to grow into the number one cyberthreat for business. However, since ransom demands were low and malware