ESET Research, Threat Reports A view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Jiří Kropáč 19 Dec 2023 • , 2 min. read The second half of 2023 witnessed significant cybersecurity incidents. Cl0p, a notorious cybercriminal group known for carrying
Dec 21, 2023NewsroomDark Web / Cybercrime German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to “tens of thousands of users.” The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023,
An international policing operation has led to the arrest of 3500 suspects and the seizure of assets worth $300m in connection with various organized cybercrime schemes. Interpol’s HAECHI IV operation was the latest in a long-running series of crackdowns supported by the South Korean government and involving police from 34 countries across the globe. Running
Dec 20, 2023NewsroomFinancial Crime / Cyber Threat A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries. The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as voice phishing, romance scams,
One of the largest mortgage providers in the US has revealed that an October breach has impacted 14.7 million customers. Mr Cooper (formerly Nationstar Mortgage) discovered suspicious activity on its network on October 31 and subsequently shut down its systems to contain the incident and safeguard data. “Through our investigation, we determined that there was
ESET Research ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces ESET Research 18 Dec 2023 • , 1 min. read In this episode of our podcast, ESET malware researchers talk about the dynamics within and between various Neanderthal
Dec 19, 2023NewsroomCryptojacking / Cyber Threat The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This
Database provider MongoDB has alerted customers to a data breach in which some account and contact information was compromised. An email from MongoDB CISO, Lena Smart, sent to customers late last week was republished on X (formerly Twitter) by the vx-underground account. “MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate
Dec 18, 2023NewsroomSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency
The UK government has proposed new rules designed to regulate the datacenter sector, in a bid to improve baseline cybersecurity and resilience. It’s seeking industry feedback on a new consultation document, Protecting and enhancing the security and resilience of UK data infrastructure, which will be open until February 22 2024. Under the current proposals, datacenter providers
Video Your iPhone has just received a new feature called iMessage Contact Key Verification that is designed to help protect your messages from prying eyes 15 Dec 2023 Apple has shipped iOS 17.2 to all users and it includes a new feature that is intended to protect users from attackers who could be misusing the
Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that
Four US residents have been charged with a series of money laundering offenses connected to a major “pig butchering” fraud syndicate. Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, of Rosemead, California; and Hailong Zhu, 40, of Naperville, Illinois, are charged with conspiracy to commit money laundering, concealment
ESET researchers analyzed a growing series of OilRig downloaders that the group has used in several campaigns throughout 2022, to maintain access to target organizations of special interest – all located in Israel. These lightweight downloaders, which we named SampleCheck5000 (SC5k v1-v3), OilCheck, ODAgent, and OilBooster, are notable for using one of several legitimate cloud
Dec 16, 2023NewsroomCyber Security / Incident Response China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to “improve the comprehensive response capacity for data security incidents, to ensure timely and effective control,
Tens of thousands of current and former employees of a leading US cybersecurity and nuclear research laboratory were impacted by a major data breach discovered in November, it has been revealed. The Idaho National Laboratory (INL) said in an updated notice published this week that it first became aware of the incident on November 20.
Cybercrime continues to grow rapidly; indeed, it is a highly lucrative global industry. Without accurately accounting for profits from cybercrime (1, 2), we are left looking at the staggering estimated cost of US$7.08 trillion in 2022 for reference. Measured in terms of GDP, the illegal proceeds would rank as the third-largest “economy” worldwide. Regardless, this
Dec 15, 2023NewsroomPrivacy / User Tracking Google on Thursday announced that it will start testing a new feature called “Tracking Protection” starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit “cross-site tracking by restricting website access
Microsoft has gone after a prolific Vietnam-based threat group it describes as “the number one seller and creator” of fake accounts. Storm-1152 has made millions from the creation of an estimated 750 million fraudulent Microsoft accounts that play a key role in the cybercrime ecosystem, the Redmond giant said. “With companies able to quickly identify
ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency,
Dec 14, 2023NewsroomVulnerability / Data Breach A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. “GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website
Ukraine has claimed a major scalp in the ongoing cyber-war with Russia, saying it has effectively crippled the Kremlin’s tax system. The country’s Ministry of Defense said its Defence Intelligence unit (GUR) conducted a “special operation” leading to the compromise of central servers of Russia’s Federal Taxation service (FTS), and over 2300 regional servers. These
Mobile Security A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable. Márk Szabó 11 Dec 2023 • , 3 min. read In a world of instant communication and accelerated by the ever-spreading notion that if you
Dec 13, 2023NewsroomPatch Tuesday / Windows Security Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition
Apache has warned customers of a critical remote code execution (RCE) vulnerability in its popular Struts 2 framework. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. The new vulnerability, CVE-2023-50164, has been given a maximum severity rating and affects Struts 2.0.0-2.3.37 (EOL), Struts 2.5.0-2.5.32, and Struts 6.0.0-6.3.0. “An
We Live Progress ChatGPT would probably say “Definitely not!”, but will we learn any lessons from the rush to regulate IoT in the past? Tony Anscombe 11 Dec 2023 • , 3 min. read The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public
Dec 12, 2023NewsroomZero Day / Vulnerability Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices. This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find
Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor analyzed data from software scans over 90 days between August 15 and November 15 2023. These covered 38,278 unique applications running Log4j versions 1.1 to 3.0.0-alpha1 across
Critical Infrastructure Legacy protocols in the healthcare industry present dangers that can make hospitals extremely vulnerable to cyberattacks. Tony Anscombe 08 Dec 2023 • , 3 min. read The healthcare industry will, I am sure, remain a significant target for cybercriminals due to the huge potential it provides them to monetize their efforts through ransomware
Dec 11, 2023NewsroomData Security / Mobile Security Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. “Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while
- « Previous Page
- 1
- …
- 29
- 30
- 31
- 32
- 33
- …
- 118
- Next Page »