People know reusing passwords is risky – then do it anyway
And most people don’t change their password even after hearing about a breach, a survey finds
Archives - May 2020
Critical Android flaw lets attackers hijack almost any app, steal data
Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers
Crooks threaten to leak customer data stolen from e‑commerce sites
A hack-and-extort campaign takes aim at poorly secured databases replete with customer information that can be exploited for further attacks
From Agent.BTZ to ComRAT v4: A ten‑year journey
Turla has updated its ComRAT backdoor and now uses the Gmail web interface for Command and Control
Two years later, has GDPR fulfilled its promise?
Has the landmark law helped build a culture of privacy in organizations and have consumers become more wary of sharing their personal data?
Insidious Android malware gives up all malicious features but one to gain stealth
ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security
How encryption can help protect your sensitive data
Here’s how encryption can help keep your data safe from prying eyes – even if your device is stolen or your cloud account is hacked
Chrome 83 arrives with enhanced security and privacy controls
New features include DNS over HTTPS, a Safety Check section and simpler cookie management
No “Game over” for the Winnti Group
The notorious APT group continues to play the video game industry with yet another backdoor
These things may be cool, but are they safe?
In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience
Bluetooth flaw exposes countless devices to BIAS attacks
As many as 30 different smartphones, laptops and other devices were tested – and all were found to be vulnerable
European supercomputers hacked to mine cryptocurrency
Several high-performance computers working on COVID-19 research have been forced offline following a string of attacks
Microsoft fixes vulnerability affecting all Windows versions since 1996
Another vulnerability in the same Windows component was abused by Stuxnet a decade ago
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
ESET researchers dissect a backdoor deployed in attacks against multiple government agencies and major organizations operating in two critical infrastructure sectors in Asia
Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
ESET researchers uncover several instances of malware that uses various attack vectors to target systems isolated by an air gap
Thunderbolt flaws open millions of PCs to physical hacking
A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes
WannaCryptor remains a global threat three years on
WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware families
Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet
Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets
Over 160 million user records put up for sale on the dark web
Eleven companies, ranging from online marketplaces to news websites, have had their user databases poached
Breaking news? App promises news feeds, brings DDoS attacks instead
After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it