IIStealer: A server‑side threat to e‑commerce transactions
The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information
Uncategorized
Ghost blogging platform servers hacked to mine cryptocurrency
Ghost wasn’t the only victim of break-ins over the weekend that exploited critical holes in infrastructure automation software for which patches were available
Electric scooters vulnerable to remote hacks
A helmet may not be enough to keep you safe(r) while riding an e-scooter
Can regulations improve cybersecurity? In APAC, opinions vary
An ESET-commissioned survey among enterprises also shows that while respondents in most countries agree on the need to bolster cyber-defenses, some are reluctant to adopt cybersecurity solutions
Growing pains: Skills gap meets expanding threat surface
The need to defend a growing threat surface highlights the widening cybersecurity skills gap
Tricks that cybercriminals use to hide in your phone
Malware in the official Google store never stops appearing. For cybercriminals, sneaking their malicious applications into the marketplace of genuine apps is a huge victory.
Cryptojacking: The result of the “cryptocurrency rush”
Tools for mining cryptocurrencies also fall into this category, as in many cases the websites cannot warn users since they have been compromised themselves, hence even the administrators may not be aware that they are contributing to mining for the benefit of an attacker.
South Korea moves to ban anonymous cryptocurrency trading
As part of the policy, underage individuals and foreigners without local bank accounts will be barred from trading in virtual currencies. Banks will be required to share information about cryptocurrency exchanges with each other.
Cybersecurity skills gap: It’s big and it’s bad for security
The cybersecurity skills gap is a big problem for organizations struggling to protect rapidly expanding systems from a growing range of threats. We look at how big and what to do about it.
Este es el top 5 de amenazas para gamers, ¡cuídate de ellas!
Celebra el Día del Gamer jugando en forma segura y protégete de ransomware, keyloggers, falsos cracks y aplicaciones que tienen como blanco a los jugadores.
First Twitter‑controlled Android botnet discovered
Detected by ESET as Android/Twitoor, this malware is unique because of its resilience mechanism. Instead of being controlled by a traditional command-and-control server, it receives instructions via tweets.
Is the federal government doing enough to catch and prosecute computer criminals?
With ransomware running rampant we asked Americans if they thought the US federal government was doing enough to catch and prosecute computer criminals.
What the CISSP? 20 years as a Certified Information Systems Security Professional
Reflecting on 20 years of CISSP, the Certified Information Systems Security Professional qualification from (ISC)2, the International Information System Security Certification Consortium.
GDPR Day: countdown to a global privacy and security regimen?
This thing called GDPR will impact data security and privacy policy at many US firms when it takes effect two years from today. Start learning what the EU General Data Protection Regulation means to your business.
Viruses, bulletins, surveys, and gender: hashtag #VB2015
Virus Bulletin 2015 in Prague could be the biggest ever, a great place to discover the latest developments in malware protection and information security, and address issues like the infosec skills gap.
NICE news about the cybersecurity skills shortage (and a call for papers)
The cybersecurity skills gap is a security problem and in the US the National Initiative For Cybersecurity Education (NICE) is seeking to reduce that gap.
Hacking Team and other breaches as security lessons learned
Recent aggressive hacks on companies underline the need for good risk analysis, situational awareness, and incident response. Just ask AshleyMadison, Hacking Team, and Sony Pictures.
Cybersecurity and manufacturers: what the costly Chrysler Jeep hack reveals
As the cost of fixing security mistakes in Jeep Chrysler Dodge vehicles mounts, so does the need for manufacturers to weigh cybersecurity risks in the product development process, alongside features and benefits.
What I learned at Cyber Boot Camp (Instructor Edition)
Teaching computer security to highly motivated students at Cyber Boot Camp reveals a lack of basic computer science education in California Schools.
New Facebook scam promises “shocking video,” but contains only malware
When you see what this Facebook clickbait really links to, your jaw will drop.