Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-11-18 10:30:39 |
\'My bank account was in a shambles\': The ordeal of an identity theft victim (lien direct) |
A victim of identity theft tells us how criminals used his identity to commit fraud and what it took to put his life back in order
|
|
|
|
|
2021-11-16 15:34:40 |
Strategic web compromises in the Middle East with a pinch of Candiru (lien direct) |
ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high‑profile websites in the Middle East
|
|
|
|
|
2021-11-15 18:10:44 |
FBI systems compromised to send out fake attack alerts (lien direct) |
Hackers break into the Bureau's email systems to send out at least 100,000 emails warning recipients of imminent cyberattacks
|
|
|
|
|
2021-11-11 10:45:24 |
When the alarms go off: 10 key steps to take after a data breach (lien direct) |
It's often said that data breaches are no longer a matter of 'if', but 'when' – here's what your organization should do, and avoid doing, in the case of a security breach
|
|
|
|
|
2021-11-10 17:24:39 |
Google scores big win as court blocks iPhone tracking lawsuit (lien direct) |
The tech giant wins an appeal against a claim that it unlawfully collected personal data of millions of iPhone users
|
|
|
|
|
2021-11-09 19:02:14 |
Robinhood data breach affects 7 million people (lien direct) |
An attacker gained access to some of Robinhood's customer support systems and stole the personal data of around a third of the app's userbase
|
Data Breach
|
|
|
|
2021-11-08 10:30:13 |
Passwordless authentication: Is your company ready to move beyond passwords? (lien direct) |
Are the days numbered for '123456'? As Microsoft further nudges the world away from passwords, here's what your organization should consider before going password-free.
|
|
|
|
|
2021-11-04 16:22:55 |
Google squashes Android zero‑day bug exploited in targeted attacks (lien direct) |
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
|
Vulnerability
|
|
|
|
2021-11-03 14:00:59 |
Win one for privacy – Swiss providers don\'t have to talk (lien direct) |
Security and privacy get a leg up in Proton's legal challenge against data retention and disclosure obligations
|
|
|
|
|
2021-11-03 10:30:54 |
What\'s it like to work as a malware researcher? 10 questions answered (lien direct) |
Three ESET malware researchers describe what their job involves and what it takes to embark on a successful career in this field
|
Malware
|
|
|
|
2021-11-02 16:01:51 |
Man charged with hacking major US sports leagues to illegally stream games (lien direct) |
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000
|
|
|
|
|
2021-10-28 09:30:54 |
5 tips for parents for a cybersecure Halloween (lien direct) |
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?
|
|
|
|
|
2021-10-27 14:44:49 |
Dark HunTOR: 150 arrested, $31 million seized in major dark web bust (lien direct) |
The police sting spanned three continents and involved crackdowns in nine countries
|
|
|
|
|
2021-10-27 09:30:06 |
Wslink: Unique and undocumented malicious loader that runs as a server (lien direct) |
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor
|
Threat
Tool
|
|
|
|
2021-10-26 09:30:48 |
Putting cybersecurity first: Why secure‑by‑design must be the norm (lien direct) |
Organizations that aim to pull ahead of the competition need to develop a strong security culture from top to bottom
|
|
|
|
|
2021-10-22 09:30:10 |
What\'s lurking in the shadows? How to manage the security risks of shadow IT (lien direct) |
Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era
|
|
|
|
|
2021-10-21 09:30:27 |
Cybersecurity careers: What to know and how to get started (lien direct) |
Want to help make technology safer for everyone? Love solving puzzles? Looking for a rewarding career? Break into cybersecurity! Insights from ESET researchers Aryeh Goretsky and Cameron Camp will put you on the right track.
|
|
|
|
|
2021-10-20 20:32:20 |
Brave browser replaces Google with its own search engine (lien direct) |
Brave Search will become the default search option for new users in the US, UK, Canada, Germany and France, with more countries to follow soon
|
|
|
|
|
2021-10-19 18:23:09 |
$5.2 billion worth of Bitcoin transactions possibly tied to ransomware (lien direct) |
Threat actors are increasingly using advanced tactics to obfuscate and launder their illicit gains, a report by the US Government finds
|
Ransomware
|
|
|
|
2021-10-19 09:30:54 |
A recipe for failure: Predictably poor passwords (lien direct) |
Security professionals advise to never use 'beef stew' as a password. It just isn't stroganoff.
|
|
|
|
|
2021-10-15 09:30:19 |
Virus Bulletin: Old malware never dies – it just gets more targeted (lien direct) |
Putting a precision payload on top of more generic malware makes perfect sense for malware operators
|
Malware
|
|
|
|
2021-10-14 09:30:14 |
Employee offboarding: Why companies must close a crucial gap in their security strategy (lien direct) |
There are various ways a departing employee could put your organization at risk of a data breach. How do you offboard employees the right way and ensure your data remains safe?
|
|
|
|
|
2021-10-13 09:30:48 |
Don\'t get phished! How to be the one that got away (lien direct) |
If it looks like a duck, swims like a duck, and quacks like a duck, then it's probably a duck. Now, how do you apply the duck test to defense against phishing?
|
|
|
|
|
2021-10-12 16:41:38 |
Microsoft thwarts record‑breaking DDoS attack (lien direct) |
The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe
|
|
|
|
|
2021-10-11 18:04:58 |
Ransomware cost US companies almost $21 billion in downtime in 2020 (lien direct) |
The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows
|
|
|
|
|
2021-10-07 09:30:16 |
FontOnLake: Previously unknown malware family targeting Linux (lien direct) |
ESET researchers discover a malware family with tools that show signs they're used in targeted attacks
|
Malware
|
|
|
|
2021-10-06 16:51:39 |
Google to turn on 2FA by default for 150 million users, 2 million YouTubers (lien direct) |
Two-factor authentication is a simple way to greatly enhance the security of your account
|
|
Uber
|
|
|
2021-10-06 09:30:56 |
To the moon and hack: Fake SafeMoon app drops malware to spy on you (lien direct) |
Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze
|
Malware
|
|
|
|
2021-10-05 09:30:30 |
UEFI threats moving to the ESP: Introducing ESPecter bootkit (lien direct) |
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012
|
|
|
|
|
2021-10-01 09:30:58 |
October is Cybersecurity Awareness Month! Why being cyber‑smart matters (lien direct) |
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair
|
|
|
|
|
2021-09-30 16:33:53 |
Hackers could force locked iPhones to make contactless payments (lien direct) |
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
|
|
|
|
|
2021-09-29 14:53:22 |
CISA and NSA release guidance for securing VPNs (lien direct) |
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks
|
|
|
|
|
2021-09-27 15:06:54 |
Google releases emergency fix to plug zero‑day hole in Chrome (lien direct) |
The emergency release comes a mere three days after Google's previous update that plugged another 19 security loopholes
|
|
|
|
|
2021-09-23 15:51:04 |
Bug in macOS Finder allows remote code execution (lien direct) |
While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented
|
|
|
★★★
|
|
2021-09-22 09:30:26 |
Plugging the holes: How to prevent corporate data leaks in the cloud (lien direct) |
Misconfigurations of cloud resources can lead to various security incidents and ultimately cost your organization dearly. Here's what you can do to prevent cloud configuration conundrums.
|
Guideline
|
|
|
|
2021-09-21 15:06:24 |
European police dismantle cybercrime ring with ties to Italian Mafia (lien direct) |
The group used phishing, BEC and other types of attacks to swindle victims out of millions
|
|
|
|
|
2021-09-17 09:30:27 |
Numando: Count once, code twice (lien direct) |
The (probably) penultimate post in our occasional series demystifying Latin American banking trojans.
|
|
|
|
|
2021-09-15 16:00:46 |
Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws (lien direct) |
The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML.
|
|
|
|
|
2021-09-14 15:30:49 |
WhatsApp announces end‑to‑end encrypted backups (lien direct) |
The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.
|
|
|
|
|
2021-09-14 09:30:58 |
What is a cyberattack surface and how can you reduce it? (lien direct) |
Discover the best ways to mitigate your organization's attack surface, in order to maximize cybersecurity.
|
|
|
|
|
2021-09-13 09:30:02 |
Beware of these 5 common scams you can encounter on Instagram (lien direct) |
From cybercriminal evergreens like phishing to the verification badge scam we look at the most common tactics fraudsters use to trick their victims
|
|
|
|
|
2021-09-10 17:00:14 |
Victims duped out of US$1.8 million by BEC and Romance scam ring (lien direct) |
Elderly men and women were the main targets of the romance scams operated by the fraudsters.
|
|
|
|
|
2021-09-09 20:00:24 |
Howard University suffers cyberattack, suspends online classes in aftermath (lien direct) |
The university suffered a ransomware attack, however there is no evidence so far of data being accessed or stolen.
|
Ransomware
|
|
|
|
2021-09-07 15:57:06 |
ProtonMail forced to log user\'s IP address after an order from Swiss authorities (lien direct) |
Following the incident the company has updated its website and privacy policy to clarify its legal obligations to its userbase
|
|
|
|
|
2021-09-07 12:30:04 |
BladeHawk group: Android espionage against Kurdish ethnic group (lien direct) |
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, and that has been active since at least March 2020.
|
|
|
|
|
2021-09-03 09:30:37 |
A parent\'s guide to smartphone security (lien direct) |
Smartphones are kids' trusty companions both in- and outside the classroom, and as they return to their desks, we've prepared some handy tips on how to keep their devices secure.
|
|
|
|
|
2021-09-02 16:00:09 |
Twitter introduces new feature to automatically block abusive behavior (lien direct) |
Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users.
|
|
|
|
|
2021-08-31 19:21:07 |
Flaw in the Quebec vaccine passport: analysis (lien direct) |
ESET's cybersecurity expert Marc-Étienne Léveillé analyses in-depth the Quebec's vaccine proof apps VaxiCode and VaxiCode Verif.
|
|
|
|
|
2021-08-31 19:11:41 |
Faille dans la preuve vaccinale Québécoise : analyse (lien direct) |
Les chercheurs d'ESET expliquent les détails d'une faille découverte dans VaxiCode Vérif, l'application mobile permettant la vérification des preuves vaccinales québécoise
|
|
|
|
|
2021-08-31 18:00:10 |
Don\'t use single‑factor authentication, warns CISA (lien direct) |
The federal agency urges organizations to ditch the bad practice and instead use multi-factor authentication methods
|
|
|
|