Here’s what you should know about some of the nastiest mobile malware – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely These days, the device in your pocket can do far more than call or send text messages. Your smartphone stores almost every aspect of
Cyber Security
The bitter truth about how fraudsters dupe online daters in this new twist on romance fraud The world is a confusing and lonely place sometimes. Police and security experts have been out in force for years warning lonely hearts not to fall for the romance fraudsters whose schemes cost victims more than US$950 million in
Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity Zero-day vulnerabilities have always had something of a special reputation in the cybersecurity space. These software bugs are exploited for attacks before the flaw is known to the software vendor and so
Here’s what you should know about FlowingFrog, LookingFrog and JollyFrog – the three teams making up the TA410 espionage umbrella group In this edition of Week in security, Tony looks at the latest ESET research that: provided a detailed overview of TA410, a cyberespionage umbrella group that targets entities in the government and education sectors
ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to
BEC fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams. The old adage of people being the weakest link in security is especially true when it comes to email threats. Here, cybercriminals can arguable generate their biggest “bang-for-buck”
Camfecting doesn’t ‘just’ invade your privacy – it could seriously impact your mental health and wellbeing. Here’s how to keep an eye on your laptop camera. Our 24/7 digital lives mean we’re increasingly sitting in front of a screen, whether that’s a laptop, a smartphone or another device. That usually means we’re also sitting in
ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malware ESET researchers have discovered and analyzed three vulnerabilities affecting various Lenovo consumer laptop models. The first two of these vulnerabilities – CVE-2021-3971, CVE-2021-3972 – affect UEFI firmware drivers originally meant to
Here’s what to know about vulnerabilities in more than 100 Lenovo consumer laptop models and what you can do right away to stay safe – all in under three minutes ESET researchers have released their findings about a trio of vulnerabilities that impact more than 100 Lenovo consumer laptop models with millions of users across the
Lessons from history and recent attacks on critical infrastructure throw into sharp relief the need to better safeguard our essential systems and services Just days ago, Ukraine’s power grid came under attack as the Sandworm group attempted to deploy a piece of malware called Industroyer2 against the operations of an energy supplier in the country.
Young people are not passive victims of technology or helpless addicts. They are technology creators and agents with diverse backgrounds and interests. When people hear that I study digital youth culture, I often get asked, “Is technology good or bad for kids?” My first struggle is to reframe the question. The question assumes technology is
If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation: people coming up
ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses ESET has collaborated with partners Microsoft’s Digital Crimes Unit, Lumen’s Black Lotus Labs, Palo Alto Networks Unit 42, and others in an attempt to disrupt known Zloader botnets. ESET contributed to the project by providing technical analysis,
This ICS-capable malware targets a Ukrainian energy company This is a developing story and the blogpost will be updated as new information becomes available. Executive summary The blogpost presents the analysis of a cyberattack against a Ukrainian energy provider. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company
As cloud systems are increasingly the bedrock on which digital transformation is built, keeping a close eye on how they are secured is an essential cybersecurity best practice For weeks, cybersecurity experts and government agencies have been urging organizations to enhance their cyber-defenses due to the increased threat of cyberattacks amid Russia’s invasion of Ukraine.
ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks The popularity of online shopping has been growing during the past few years, a trend accelerated by the pandemic. To make this already convenient way of never having to leave the couch to buy new things even more convenient, people are increasingly using
If better privacy and anonymity sound like music to your ears, you may not need to look much further than Tor Browser. Here’s what it’s like to surf the dark web using the browser. When I speak to people about the dark web, many are still very wary of it and often think that it
How can businesses that lack the resources and technological expertise of large organizations hold the line against cybercriminals? Running and growing a business is hard work even in good times, but times of crisis bring a fresh crop of challenges. And as our reliance on technology for so many aspects of our lives increases, so
ESET researchers describe the structure of the virtual machine used in samples of Wslink and suggest a possible approach to see through its obfuscation techniques ESET researchers recently described Wslink, a unique and previously undocumented malicious loader that runs as a server and that features a virtual-machine-based obfuscator. There are no code, functionality or operational
Leading Slovak computer scientist Mária Bieliková shares her experience working as a woman driving technological innovation and reflects on how to inspire the next generation of talent in tech It’s no secret that women continue to be underrepresented in the ranks of technologists. Indeed, with the scales traditionally tipped towards men, we may not always realize
Soaring energy prices and increased geopolitical tensions amid the Russian invasion of Ukraine bring a sharp focus on European energy security It is generally understood that the world is deeply interconnected, especially when it comes to energy supplies and the global energy trade. Maintaining complex, but reliable business and nation-state relationships has been central to
ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets At the time of writing this blogpost, the price of bitcoin (US$38,114.80) has decreased about 44 percent from its all-time high about four months ago. For cryptocurrency investors, this might be a time either to panic and
Why has the conflict in Ukraine not caused the much anticipated global cyber-meltdown? New York City’s 8.4 million residents are in darkness after an audacious nation-state cyberattack took out the city’s power grid, causing untold chaos with stock markets around the world collapsing. In retaliation against the perpetrators, the US unleashes a series of cyberattacks
ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine ESET researchers discovered a still-ongoing campaign using a previously undocumented Korplug variant, which they named Hodur due to its resemblance to the THOR variant previously documented by
As the war rages, the APT group with a long résumé of disruptive cyberattacks enters the spotlight again For cybersecurity pundits, it has become a doctrine that cyberdisruption, whether perpetrated directly or via proxy groups, can be expected to accompany military, political, and economic action as a way of softening up targets or of strategically
Cyberattacks against data centers may ultimately be everyone’s problem – how prepared are their operators for the heightened risk of cyber-assaults? As the war in Ukraine continues, so does the potential for further escalation in kinetic hostilities. At the same time, the odds that the conflict may lead to major cyberattacks against targets beyond Ukraine’s
The US military knows it needs to speed up technology adoption through optimization, something at the heart of Silicon Valley culture The U.S. military won’t soon be adopting open-plan work environments, flexible PTO, free ubiquitous food, and lean manufacturing processes, although Silicon Valley wants it to. At the recent Rocky Mountain Cyberspace Symposium, both were
An overview of some of the most popular open-source tools for threat intelligence and threat hunting As the term threat intelligence can be easily confounded with threat hunting, we will first endeavor to outline some of the differences between them. Threat intelligence refers to the aggregation and enrichment of data to create a recognizable profile
This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations ESET researchers have uncovered yet another destructive data wiper that was used in attacks against organizations in Ukraine. Dubbed CaddyWiper by ESET analysts, the malware was first detected at 11.38 a.m.
Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014 On February 24th, Russia invaded Ukraine. Just a few hours earlier, ESET discovered a destructive piece of malware that wrought havoc on the computer networks of a number of important