Blog

WHATS NEW WITH US

Stantinko: A massive adware campaign operating covertly since 2012

July 24th, 2017|0 Comments

Overview Since the beginning of 2017, ESET researchers have been conducting an investigation into a complex threat mainly targeting Russia and Ukraine. Standing out because of its prevalence and its sophistication, Stantinko turned out to […]

A major cyberattack could cost the global economy $53 billion

July 18th, 2017|0 Comments

Lloyd’s of London has reported that a serious cyberattack could cost the global economy as much as a devastating natural disaster. According to the Guardian, average losses from a crippling cyberattack are estimated to be around $53 billion. […]

Why Windows Phone users are now a serious security risk to their employers

July 13th, 2017|0 Comments

Windows Phone is dead. On July 11, Microsoft ended support for the Windows Phone 8.1, effectively killing off the Windows Phone brand. The Windows 10 Phone is still around, but the company hasn’t gone out of […]

Self-Service Food Kiosk Vendor Avanti Hacked

July 10th, 2017|0 Comments

Avanti Markets, a company whose self-service payment kiosks sit beside shelves of snacks and drinks in thousands of corporate breakrooms across America, has suffered of breach of its internal networks in which hackers were able to […]

Analysis of TeleBots’ cunning backdoor

July 5th, 2017|0 Comments

On the 27th of June 2017, a new cyberattack hit many computer systems in Ukraine, as well as in other countries. That attack was spearheaded by the malware ESET products detect as Diskcoder.C(aka ExPetr, PetrWrap, Petya, or NotPetya). This […]

Two-factor authentication: An underutilized security measure in businesses

July 3rd, 2017|0 Comments

Whenever a business considers the security measures it can implement, three options always crop up: antivirus on endpoints and servers to detect and eliminate as many threats as possible;  backups to ensure that any data lost in an incident […]

New WannaCryptor-like ransomware attack hits globally: all you need to know

June 28th, 2017|0 Comments

Update (June 27 – 23.34 CEST): Shutting down the computer and not booting again could prevent the disk encryption, though several files can be already encrypted after the MBR is replaced and further infection through […]

How to remove geolocation information from a photo in Google Photos

June 26th, 2017|0 Comments

It’s vacation season for many people. Time to shrug off the mantle of business and IT and take a dip in the ocean, climb a mountain, visit a museum, or whatever your penchant. While on […]

Got Robocalled? Don’t Get Mad; Get Busy.

June 26th, 2017|0 Comments

Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause […]

Girl Scouts USA to offer badges on cybersecurity

June 20th, 2017|0 Comments

The Girls Scouts USA (GSUSA) is set to offer badges on cybersecurity, amid growing concerns that women are still being deprived of opportunities to enter the industry. Citing the Computing Technology Industry Association, it said […]

Seven years after Stuxnet: Industrial systems security once again in the spotlight

June 16th, 2017|0 Comments

June seems to be historically rich in important events relating to the security of industrial systems. For example, June 17th, 2010, may be considered the day that Stuxnet was discovered, the malware behind the very […]

RARE XP PATCHES FIX THREE REMAINING LEAKED NSA EXPLOITS

June 15th, 2017|0 Comments

The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak. The worst of the bunch, an attack […]

Industroyer’ malware could be ‘biggest threat’ to major power grids around the world

June 12th, 2017|0 Comments

Last December, government officials in Ukraine launched a probe into a suspected cyberattack on the country’s power grid that caused a blackout in the northern part of the capital city of Kiev. It was the […]

Raspberry Pi owners: Update your Pi to protect against this Linux trojan

June 8th, 2017|0 Comments

A trojan has been discovered that infects the best-selling Raspberry Pi computer and turns it into a machine for mining cryptocurrency. The Linux.MulDrop.14 trojan targets Raspberry Pi boards running older versions of the default Raspbian […]

Botnets overshadowed by ransomware (in media)

June 7th, 2017|0 Comments

Recently, the much-reported WannaCryptor ransomware attack took the media by storm, receiving considerably more coverage than might have been expected for this type of malware, and overshadowing other internet threats at the same time. More dangerous than […]

OneLogin data breach may have compromised encrypted information

June 5th, 2017|0 Comments

OneLogin  has admitted that it cannot guarantee the security of encrypted data compromised by a cybercriminal on Wednesday (May 31st). The firm has confirmed that a review is currently underway to investigate the data breach, […]

$8 trillion ‘to be lost to cybercrime in next 5 years’

June 1st, 2017|0 Comments

Businesses are set lose $8 trillion to cybercrime over the course of the next five years, according to a new report. Juniper Research found that enterprises around the world are more at risk due to […]

ESET releases decryptor for AESNI ransomware variants, including XData

May 31st, 2017|0 Comments

Releasing master keys for older ransomware variants has become somewhat of a trend these days. Shortly after the release of the updated Crysis decryptor, master keys for some of the variants of the AES-NI family […]

Google Blacklists Sites Using Logins Over HTTP

May 30th, 2017|0 Comments

In what appears to be yet another effort to encourage site owners to adopt HTTPS, Google is marking newly registered sites that serve login pages or password input fields over HTTP as unsafe, Sucuri and […]

Report: Mobile ransomware attacks ‘soared’ in 2017, up 250% in Q1

May 23rd, 2017|0 Comments

Kaspersky Lab detected more than 479 million malicious attacks from online sources in Q1 2017 alone, according to a new report. Here’s how to stay safe. The global ransomware epidemic continues to make waves, as […]

Keys for Crysis released, as decryption efforts of WannaCryptor files continue

May 22nd, 2017|0 Comments

While the entire cybersecurity world is focusing on WannaCryptor ransomware and ways to help its victims, someone has released 200 master keys for the latest variants of another notorious ransomware family (detected by our systems […]

Ignoring software updates? You’re making one of five basic security mistakes

May 19th, 2017|0 Comments

Cybercrime has quickly become a major problem for businesses, governments and citizens all over the globe. While awareness of this multifaceted threat is increasing, we’re still making the same blunder when it comes to cybersecurity, […]

Shadow Brokers threaten to release even more NSA-sourced malware

May 17th, 2017|0 Comments

The hacking group claims it will launch in June a subscription-based monthly dump of compromised data Late last night, someone claiming to represent Shadow Brokers—the people responsible for releasing stolen NSA hacking tools—posted a new message […]

Apple users advised to update their software now, as new security patches released

May 16th, 2017|0 Comments

Welcome to the post-WannaCryptor world, where every computer user understands the importance of creating secure backups and applying security patches in a timely fashion. What’s that? You’re not so sure that folks have learnt the […]

Malicious registry keys: Reflective injection

May 15th, 2017|0 Comments

Over the years, we have witnessed how cybercriminals have developed and implemented sophisticated new techniques to outwit users. That being said, one thing has not changed and remains a constant challenge: ensuring perseverance and avoiding detection both […]

Microsoft Issues WanaCrypt Patch for Windows 8, XP

May 13th, 2017|0 Comments

Microsoft Corp. today took the unusual step of issuing security updates to address flaws in older, unsupported versions of Windows — including Windows XP and Windows 8. The move is a bid to slow the spread […]

Big changes in the infosec landscape: Time to take note and take action

May 9th, 2017|0 Comments

Recent events are changing the topography of the threat model and attack methodologies across the board and at record speeds – to say that the impact of the past few weeks in information security news […]

Why SMBs are at high risk for ransomware attacks, and how they can protect themselves

May 8th, 2017|0 Comments

Ransomware cost businesses more than $1B last year, and SMBs are particularly susceptible to attack. Here are some tips and best practices for keeping your company safe. Ransomware dominated the cyberthreat landscape in 2016, costing […]

Beware Google Docs phishing attack

May 4th, 2017|0 Comments

Recently, many people received a phishing email from a mailinator.com address that was attached to a malicious Google doc. It seemed to be targeting journalists, as well as yours truly. Once the link is clicked, […]

IBM admits it sent malware-infected USB sticks to customers

May 3rd, 2017|0 Comments

In a recent support alert issued by IBM, the company noted that some USB drives that shipped with its Storwize systems contained malicious code. IBM accidentally shipped USB drives infected with malware to some customers, […]

Identity theft is alive and well–and fraudsters keep getting richer

May 2nd, 2017|0 Comments

Last year, cyber criminals netted 16 billion dollars in the US alone. Find out why fraudsters are so successful and what you can do to stay safe. Identity fraud no longer makes tech-news headlines, and […]

Not Always Picture Perfect! 🙂

May 2nd, 2017|0 Comments

Sometimes it takes a nose swap to make the pre-picture perfect.…

NSA to end warrantless collection of emails and texts about foreign targets

May 1st, 2017|0 Comments

The National Security Agency will stop collecting Americans’ emails and texts to people from other countries, and/or those that mention someone who is currently under surveillance. The National Security Agency (NSA) will no longer collect […]

Fake Chrome extensions inject code into web pages

April 28th, 2017|0 Comments

Recently, here at our research lab, we have seen an increase in the number of JS/Chromex.Submelius threats detected. In countries like Colombia, Peru, Ecuador and Chile, the detection levels for this particular threat have been as high […]

DataField Catered Food from On The Border to Support Autism Awareness

April 26th, 2017|0 Comments

Just some of the delicious food brought into the office today! I should have definitely opened up the containers before taking the picture!

Scam calls: Can you hear me, mother?

April 26th, 2017|0 Comments

Sandy Powell was a Yorkshire-born comedian who was well known for the catchphrase ‘Can you hear me, mother?’, with which he used to introduce his radio shows. It may not sound particularly amusing nowadays, but […]

Online shoppers are losing trust in e-commerce, study finds

April 25th, 2017|0 Comments

According to a global survey from the Centre for International Governance Innovation, almost half of all respondents say they don’t trust online shopping. Users are losing trust in the internet, at least when it comes […]

Young cybercriminals ‘more motivated by peer respect than financial gain’

April 24th, 2017|0 Comments

An increasing number of young cybercriminals are motivated by a sense of notoriety and popularity with their peers rather than financial gain. That is the main finding from a new report published by the UK […]

5 mobile security precautions nobody should ignore

April 21st, 2017|0 Comments

Mobile security should be on your list of things to take seriously. Jack Wallen tells you why and gives you some tips on making it happen. I’ve heard all of the excuses, every one of […]

Facebook offers account recovery service that’s more secure than email

April 19th, 2017|0 Comments

Facebook’s new Delegated Account Recovery service, announced Tuesday at the company’s annual F8 developer’s conference in San Jose, CA, provides a new way to re-gain access to online accounts that may be safer than using […]

New training platform uses real-world situations to train cybersecurity experts faster

April 19th, 2017|0 Comments

ISACA’s Cybersecurity Nexus Training Platform and Assessment Tool offers on-demand, hands-on training and skills assessment in a live lab environment. Here’s how it can help your employees. Many enterprises report increasing difficulties finding skilled cybersecurity […]

Shoney’s Hit By Apparent Credit Card Breach

April 17th, 2017|0 Comments

It’s Friday, which means it’s time for another episode of “Which Restaurant Chain Got Hacked?” Multiple sources in the financial industry say they’ve traced a pattern of fraud on customer cards indicating that the latest […]

Smartphone sensors ‘can reveal PINs and passwords’

April 12th, 2017|0 Comments

A smartphone’s internal sensors may provide cybercriminals with enough information to be able to guess a user PINs and passwords, according to new research by Newcastle University in the UK. Experts found that PINs and […]

Alleged Spam King Pyotr Levashov Arrested

April 10th, 2017|0 Comments

Authorities in Spain have arrested a Russian computer programmer thought to be one of the world’s most notorious spam kingpins. Spanish police arrested Pyotr Levashov under an international warrant executed in the city of Barcelona, according to […]

Self-Proclaimed ‘Nuclear Bot’ Author Weighs U.S. Job Offer

April 7th, 2017|0 Comments

The author of a banking Trojan called Nuclear Bot — a teenager living in France — recently released the source code for his creation just months after the malware began showing up for sale in cybercrime forums. […]

IoT company bricks customer’s device after negative review

April 6th, 2017|0 Comments

In a shining example of what not to do when you own a company, Garadget, which sells internet-connected garage door openers, recently bricked a customer’s device after the customer left a negative review for its […]

Don’t pay for what is for free: Malicious Adobe Flash Player app found on Google Play

April 5th, 2017|0 Comments

Based on ESET’s notice, Google has removed another malicious app from its official Android app store. It had received 100,000–500,000 downloads since November 2016. Unlike typical downloaders, ransomware and similar nasty stuff, this app – […]

The right to privacy in the digital era

April 3rd, 2017|0 Comments

Discussions around personal data protection in the European Union have drawn attention to the right of citizens to secure their privacy, a right that has been a constant concern over the years. This is especially […]

Close to 1.4 billion data records compromised in 2016

March 29th, 2017|0 Comments

Over a billion data records were compromised globally in 2016, according to Gemalto’s latest Breach Level Index. The report revealed that close to 1.4 billion records were involved in some sort of data breach, representing […]

40% of industrial computers were hacked in 2016, here are 5 ways to protect your business

March 29th, 2017|0 Comments

Nearly 40% of industrial computers experienced cyberattacks in the second half of 2016, according to a new report from Kaspersky Lab, released Tuesday. And these attacks are on the rise: The percentage of targeted industrial […]

Apple underwhelmed by latest CIA exploits revealed by WikiLeaks

March 27th, 2017|0 Comments

Earlier this month WikiLeaks made the headlines releasing what claimed to be leaked secret CIA documents detailing methods by which it exploited vulnerabilities and used hacking tools to spy upon persons of interest. The “Vault […]

GDPR: A simple explainer

March 24th, 2017|0 Comments

The General Data Protection Regulation (GDPR) is the biggest change in data protection laws for 20 years, and when it comes into effect on May 25th, 2018, it intends to give European citizens back control […]

ABTA experiences data breach

March 21st, 2017|0 Comments

The Association of British Travel Agents (ABTA) has suffered a major data breach, affecting thousands of customers. As some news providers have observed, it took the UK’s largest holiday and travel association 16 days to […]

Why top ISPs don’t think your web history or app usage is ‘sensitive information’

March 20th, 2017|0 Comments

Internet service providers (ISPs) said that web browsing and app usage history should not be considered “sensitive information,” according to a recent filing with the Federal Communications Commission (FCC). The CTIA, an advocacy group representing […]

Hack Brief: High-Profile Twitter Accounts Overrun With Swastikas

March 17th, 2017|0 Comments

LAST NIGHT, A swath of Twitter accounts with large followings—including Duke University, BBC North America, Forbes, and Amnesty International—tweeted out the same message, in Turkish, that included a swastika and hashtags that translate to “Nazi […]

Adobe, Microsoft Push Critical Security Fixes

March 15th, 2017|0 Comments

Adobe and Microsoft each pushed out security updates for their products today. Adobe plugged at least seven security holes in its Flash Player software. Microsoft, which delayed last month’s Patch Tuesday until today, issued an unusually large […]

Home Depot agrees to $25 million settlement for data breach

March 15th, 2017|0 Comments

US retail giant Home Depot is set to pay a $25 million settlement in relation to a data breach suffered in 2014. The incident reportedly saw the credit and debit cards of 56 million people […]

FBI won’t release iPhone hacking tool

March 15th, 2017|0 Comments

The tool used by the FBI to unlock an iPhone used by San Bernardino shooter, Syed Farook, will remain under wraps for now. On Monday, a court filing from FBI records management division section chief […]

10 ways to ruin a cybercriminal’s day

March 6th, 2017|0 Comments

Technology has changed the way we live, our relationships with others, and even how we take care of ourselves. These days, everyone – from the most inexperienced to the most advanced user – takes measures […]