Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-11-16 15:34:40 |
Strategic web compromises in the Middle East with a pinch of Candiru (lien direct) |
ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high‑profile websites in the Middle East
|
|
|
|
|
2021-11-15 18:10:44 |
FBI systems compromised to send out fake attack alerts (lien direct) |
Hackers break into the Bureau's email systems to send out at least 100,000 emails warning recipients of imminent cyberattacks
|
|
|
|
|
2021-11-11 10:45:24 |
When the alarms go off: 10 key steps to take after a data breach (lien direct) |
It's often said that data breaches are no longer a matter of 'if', but 'when' – here's what your organization should do, and avoid doing, in the case of a security breach
|
|
|
|
|
2021-11-10 17:24:39 |
Google scores big win as court blocks iPhone tracking lawsuit (lien direct) |
The tech giant wins an appeal against a claim that it unlawfully collected personal data of millions of iPhone users
|
|
|
|
|
2021-11-09 19:02:14 |
Robinhood data breach affects 7 million people (lien direct) |
An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase
|
Data Breach
|
|
|
|
2021-11-08 10:30:13 |
Passwordless authentication: Is your company ready to move beyond passwords? (lien direct) |
Are the days numbered for '123456'? As Microsoft further nudges the world away from passwords, here's what your organization should consider before going password-free.
|
|
|
|
|
2021-11-04 16:22:55 |
Google squashes Android zero‑day bug exploited in targeted attacks (lien direct) |
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
|
Vulnerability
|
|
|
|
2021-11-03 14:00:59 |
Win one for privacy – Swiss providers don\'t have to talk (lien direct) |
Security and privacy get a leg up in Proton's legal challenge against data retention and disclosure obligations
|
|
|
|
|
2021-11-03 10:30:54 |
What\'s it like to work as a malware researcher? 10 questions answered (lien direct) |
Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field
|
Malware
|
|
|
|
2021-11-02 16:01:51 |
Man charged with hacking major US sports leagues to illegally stream games (lien direct) |
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000
|
|
|
|
|
2021-10-28 09:30:54 |
5 tips for parents for a cybersecure Halloween (lien direct) |
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?
|
|
|
|
|
2021-10-27 14:44:49 |
Dark HunTOR: 150 arrested, $31 million seized in major dark web bust (lien direct) |
The police sting spanned three continents and involved crackdowns in nine countries
|
|
|
|
|
2021-10-27 09:30:06 |
Wslink: Unique and undocumented malicious loader that runs as a server (lien direct) |
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor
|
Tool
Threat
|
|
|
|
2021-10-26 09:30:48 |
Putting cybersecurity first: Why secure‑by‑design must be the norm (lien direct) |
Organizations that aim to pull ahead of the competition need to develop a strong security culture from top to bottom
|
|
|
|
|
2021-10-22 09:30:10 |
What\'s lurking in the shadows? How to manage the security risks of shadow IT (lien direct) |
Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era
|
|
|
|
|
2021-10-21 09:30:27 |
Cybersecurity careers: What to know and how to get started (lien direct) |
Want to help make technology safer for everyone? Love solving puzzles? Looking for a rewarding career? Break into cybersecurity! Insights from ESET researchers Aryeh Goretsky and Cameron Camp will put you on the right track.
|
|
|
|
|
2021-10-20 20:32:20 |
Brave browser replaces Google with its own search engine (lien direct) |
Brave Search will become the default search option for new users in the US, UK, Canada, Germany and France, with more countries to follow soon
|
|
|
|
|
2021-10-19 18:23:09 |
$5.2 billion worth of Bitcoin transactions possibly tied to ransomware (lien direct) |
Threat actors are increasingly using advanced tactics to obfuscate and launder their illicit gains, a report by the US Government finds
|
Ransomware
|
|
|
|
2021-10-19 09:30:54 |
A recipe for failure: Predictably poor passwords (lien direct) |
Security professionals advise to never use 'beef stew' as a password. It just isn't stroganoff.
|
|
|
|
|
2021-10-15 09:30:19 |
Virus Bulletin: Old malware never dies – it just gets more targeted (lien direct) |
Putting a precision payload on top of more generic malware makes perfect sense for malware operators
|
Malware
|
|
|
|
2021-10-14 09:30:14 |
Employee offboarding: Why companies must close a crucial gap in their security strategy (lien direct) |
There are various ways a departing employee could put your organization at risk of a data breach. How do you offboard employees the right way and ensure your data remains safe?
|
|
|
|
|
2021-10-13 09:30:48 |
Don\'t get phished! How to be the one that got away (lien direct) |
If it looks like a duck, swims like a duck, and quacks like a duck, then it's probably a duck. Now, how do you apply the duck test to defense against phishing?
|
|
|
|
|
2021-10-12 16:41:38 |
Microsoft thwarts record‑breaking DDoS attack (lien direct) |
The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe
|
|
|
|
|
2021-10-11 18:04:58 |
Ransomware cost US companies almost $21 billion in downtime in 2020 (lien direct) |
The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows
|
|
|
|
|
2021-10-07 09:30:16 |
FontOnLake: Previously unknown malware family targeting Linux (lien direct) |
ESET researchers discover a malware family with tools that show signs they're used in targeted attacks
|
Malware
|
|
|
|
2021-10-06 16:51:39 |
Google to turn on 2FA by default for 150 million users, 2 million YouTubers (lien direct) |
Two-factor authentication is a simple way to greatly enhance the security of your account
|
|
Uber
|
|
|
2021-10-06 09:30:56 |
To the moon and hack: Fake SafeMoon app drops malware to spy on you (lien direct) |
Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze
|
Malware
|
|
|
|
2021-10-05 09:30:30 |
UEFI threats moving to the ESP: Introducing ESPecter bootkit (lien direct) |
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012
|
|
|
|
|
2021-10-01 09:30:58 |
October is Cybersecurity Awareness Month! Why being cyber‑smart matters (lien direct) |
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair
|
|
|
|
|
2021-09-30 16:33:53 |
Hackers could force locked iPhones to make contactless payments (lien direct) |
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
|
|
|
|
|
2021-09-29 14:53:22 |
CISA and NSA release guidance for securing VPNs (lien direct) |
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks
|
|
|
|
|
2021-09-27 15:06:54 |
Google releases emergency fix to plug zero‑day hole in Chrome (lien direct) |
The emergency release comes a mere three days after Google's previous update that plugged another 19 security loopholes
|
|
|
|
|
2021-09-23 15:51:04 |
Bug in macOS Finder allows remote code execution (lien direct) |
While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented
|
|
|
★★★
|
|
2021-09-22 09:30:26 |
Plugging the holes: How to prevent corporate data leaks in the cloud (lien direct) |
Misconfigurations of cloud resources can lead to various security incidents and ultimately cost your organization dearly. Here's what you can do to prevent cloud configuration conundrums.
|
Guideline
|
|
|
|
2021-09-21 15:06:24 |
European police dismantle cybercrime ring with ties to Italian Mafia (lien direct) |
The group used phishing, BEC and other types of attacks to swindle victims out of millions
|
|
|
|
|
2021-09-17 09:30:27 |
Numando: Count once, code twice (lien direct) |
The (probably) penultimate post in our occasional series demystifying Latin American banking trojans.
|
|
|
|
|
2021-09-15 16:00:46 |
Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws (lien direct) |
The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML.
|
|
|
|
|
2021-09-14 15:30:49 |
WhatsApp announces end‑to‑end encrypted backups (lien direct) |
The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.
|
|
|
|
|
2021-09-14 09:30:58 |
What is a cyberattack surface and how can you reduce it? (lien direct) |
Discover the best ways to mitigate your organization's attack surface, in order to maximize cybersecurity.
|
|
|
|
|
2021-09-13 09:30:02 |
Beware of these 5 common scams you can encounter on Instagram (lien direct) |
From cybercriminal evergreens like phishing to the verification badge scam we look at the most common tactics fraudsters use to trick their victims
|
|
|
|
|
2021-09-10 17:00:14 |
Victims duped out of US$1.8 million by BEC and Romance scam ring (lien direct) |
Elderly men and women were the main targets of the romance scams operated by the fraudsters.
|
|
|
|
|
2021-09-09 20:00:24 |
Howard University suffers cyberattack, suspends online classes in aftermath (lien direct) |
The university suffered a ransomware attack, however there is no evidence so far of data being accessed or stolen.
|
Ransomware
|
|
|
|
2021-09-07 15:57:06 |
ProtonMail forced to log user\'s IP address after an order from Swiss authorities (lien direct) |
Following the incident the company has updated its website and privacy policy to clarify its legal obligations to its userbase
|
|
|
|
|
2021-09-07 12:30:04 |
BladeHawk group: Android espionage against Kurdish ethnic group (lien direct) |
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, and that has been active since at least March 2020.
|
|
|
|
|
2021-09-03 09:30:37 |
A parent\'s guide to smartphone security (lien direct) |
Smartphones are kids' trusty companions both in- and outside the classroom, and as they return to their desks, we've prepared some handy tips on how to keep their devices secure.
|
|
|
|
|
2021-09-02 16:00:09 |
Twitter introduces new feature to automatically block abusive behavior (lien direct) |
Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users.
|
|
|
|
|
2021-08-31 19:21:07 |
Flaw in the Quebec vaccine passport: analysis (lien direct) |
ESET's cybersecurity expert Marc-Étienne Léveillé analyses in-depth the Quebec's vaccine proof apps VaxiCode and VaxiCode Verif.
|
|
|
|
|
2021-08-31 19:11:41 |
Faille dans la preuve vaccinale Québécoise : analyse (lien direct) |
Les chercheurs d'ESET expliquent les détails d'une faille découverte dans VaxiCode Vérif, l'application mobile permettant la vérification des preuves vaccinales québécoise
|
|
|
|
|
2021-08-31 18:00:10 |
Don\'t use single‑factor authentication, warns CISA (lien direct) |
The federal agency urges organizations to ditch the bad practice and instead use multi-factor authentication methods
|
|
|
|
|
2021-08-31 09:30:50 |
Vaccine passports: Is your personal data in safe hands? (lien direct) |
Vaccination passports may facilitate the return to normalcy, but there are also concerns about what kinds of personal data they collect and how well they protect it. Here's what you should know.
|
|
|
|