FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayWeLiveSecurity

Will Windows 10 leave enterprises vulnerable to zero-days?

One thing Microsoft has been very public about is Windows 10's new strategy of releasing patches to update the operating system at different times for consumer and enterprise versions.

CryptoFortress mimics TorrentLocker but is a different ransomware

ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.

MSIL/Agent.PYO: Have botnet, will travel

ESET's researchers recently encountered a piece of malware targeting the filling of the forms belonging to the Consulate of Poland. To understand why it is first necessary to have a brief look at the application process for visas.

Windows exploitation in 2014

Today, we published our research about Windows exploitation in 2014. This report contains interesting information about vulnerabilities in Microsoft Windows and Office patched over the course of the year, drive-by download attacks and mitigation techniques.

Virlock: First Self-Reproducing Ransomware is also a Shape Shifter

Win32/VirLock is ransomware that locks victims’ screens but also acts as parasitic virus, infecting existing files on their computers. The virus is also polymorphic, which makes it an interesting piece of malware to analyze. This is the first time such combination of malware features has been observed.

Cybercrime Trends & Predictions for 2015

As regular readers will know, every year we publish our predictions on cybercrime attacks for the year ahead. Well, our South American research team has spent the last few weeks putting together our predictions for 2015.

TorrentLocker — Ransomware in a country near you

Today, we are publishing research on ransomware that emerged in 2014. We have posted blog articles about this threat before, to raise awareness when we realized the criminals were targeting the United Kingdom and Spain.

First exploitation of Internet Explorer 'Unicorn bug' in-the-wild

Microsoft released a patch last week for a critical vulnerability allowing remote code execution in Internet Explorer. This vulnerability is significant because it exploits an old bug present in Internet Explorer versions 3 through 11.

G20 2014 Summit Lure used to target Tibetan activists

APT actors trying to use big events as a lure to compromise their targets is nothing new. Tibetan NGOs being targeted by APT actors is also nothing new. Thus, surrounding the upcoming G20 2014 summit that is held in Brisbane, Australia, we were expecting to see G20 themed threats targeted at Tibetan NGOs. A Win32/Farfli (alias Gh0st RAT) sample ultimately confirmed our suspicions.

Korplug military targeted attacks: Afghanistan & Tajikistan

After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one

The Evolution of Webinject

Last month, we presented β€œThe Evolution of Webinject” in Seattle at the 24th Virus Bulletin conference. This blog post will go over its key findings and provide links to the various material that has been released in the last few weeks.

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.

Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland

State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.

ESET Research Podcast: Finding the mythical BlackLotus bootkit

Here's a story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat

Stop Cyberbullying Day: Prevention is everyone's responsibility

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves

Android GravityRAT goes after WhatsApp backups

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files

7 tips for spotting a fake mobile app

Plus, 7 ways to tell that you downloaded a sketchy app and 7 tips for staying safe from mobile security threats in the future

Shedding light on AceCryptor and its operation

ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families

ESET Research Podcast: Finding the mythical BlackLotus bootkit

By: ESET Research

A story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat

The post ESET Research Podcast: Finding the mythical BlackLotus bootkit appeared first on WeLiveSecurity

ESET Threat Report H1 2023

By: Roman KovÑč

A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report H1 2023 appeared first on WeLiveSecurity

What’s up with Emotet?

By: Jakub Kaloč

A brief summary of what happened with Emotet since its comeback in November 2021

The post What’s up with Emotet? appeared first on WeLiveSecurity

Android GravityRAT goes after WhatsApp backups

By: Lukas Stefanko

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files

The post Android GravityRAT goes after WhatsApp backups appeared first on WeLiveSecurity

Asylum Ambuscade: crimeware or cyberespionage?

By: Matthieu Faou

A curious case of a threat actor at the border between crimeware and cyberespionage

The post Asylum Ambuscade: crimeware or cyberespionage? appeared first on WeLiveSecurity

Shedding light on AceCryptor and its operation

By: Jakub Kaloč

ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families

The post Shedding light on AceCryptor and its operation appeared first on WeLiveSecurity

❌