Glupteba is no longer part of Windigo
Latest ESET research strongly suggests that Glupteba is no longer tied to the infamous Operation Windigo.
Latest Articles
Pirate websites expose users to more malware, study finds
The study found that the more time users spent on pirate sites the higher the likelihood that some type of malware would compromise their computers.
UK’s National Lottery urges millions of players to change their passwords
The lottery's operator has found that attackers probably used an automated method known as 'credential stuffing' to access up to 150 customer accounts.
Tricks that cybercriminals use to hide in your phone
Malware in the official Google store never stops appearing. For cybercriminals, sneaking their malicious applications into the marketplace of genuine apps is a huge victory.
Employers’ best bet for appealing to security pros? Value their opinions
The report also sheds light on how not to go about attracting new hires. Vague and inaccurate job descriptions along with job postings that include insufficient qualifications were found to top the list of turnoffs for many jobseekers
How diversity in cybersecurity contributes to your company
Diverse background can contribute to your organization's security. Here are some tips to get more diversity in security perspectives.
Mr. Robot S03E05: A Runtime Error, Credential Theft and New Easter Eggs
The latest episode of this series marks the halfway point in the third season and, in addition to some amazing camerawork there are several examples of actions related to IT security that crop up throughout the episode.
Dangerous malware stealing bitcoin hosted on Download.com for years
ESET researchers dicovered that Trojanized applications used to steal bitcoin were hosted inadvertently by the popular website download.cnet.com.
Cryptocurrency exchange announces bounty on hackers
The attack itself unfolded within the span of two minutes on March 7. Hackers made a flurry of automated transactions that involved the digital currencies Viacoin (VIA) and Bitcoin (BTC).
OceanLotus ships new backdoor using old tricks
To smuggle the backdoor onto a targeted machine, the group uses a two-stage attack whereby a dropper package first gains a foothold on the system and sets the stage for the backdoor itself. This process involves some trickery commonly associated with targeted operations of this kind.
New traces of Hacking Team in the wild
Since being founded in 2003, the Italian spyware vendor Hacking Team gained notoriety for selling surveillance tools to governments and their agencies across the world. The capabilities of its flagship product, the Remote Control System (RCS), include extracting files from a targeted device, intercepting emails and instant messaging, as well as remotely activating a device’s webcam and microphone.
One in five healthcare employees willing to sell patient data, study finds
The problem was particularly acute among provider organizations, as opposed to payer organizations (21% vs. 12%). Also, and perhaps counterintuitively, staff with more frequent cybersecurity training were more inclined to such practices.
New DDoS attack method breaks record again, adds extortion
DDoS mitigation service Arbor Networks has announced that an undisclosed US company has suffered an attack fueled by internet-facing Memcached servers that clocked in at 1.7 terabits per second (Tbps), beating the previous record of 1.35 Tbps.
Trends 2018: The ransomware revolution
Tracing the evolution and subsequent revolution of ransomware
Cryptojacking: The result of the “cryptocurrency rush”
Tools for mining cryptocurrencies also fall into this category, as in many cases the websites cannot warn users since they have been compromised themselves, hence even the administrators may not be aware that they are contributing to mining for the benefit of an attacker.
Global police test their cyber‑chops in simulated IoT attack
More than three dozen cybercrime and digital forensics experts from 23 countries have investigated a simulated attack on a bank that had been carried out through an IoT device.
GitHub knocked briefly offline by biggest DDoS attack ever
At its peak, inbound traffic reached a staggering 1.35 terabits per second (Tbps), outflanking the previously record-setting assault of 1 Tbps at French web hosting provider OVH in September 2016.
The rise of AI needs to be controlled, report warns
The experts urge policy-makers to work closely with technical researchers, computer scientists and the cybersecurity community to investigate, understand and prepare for possible malicious uses of AI.
How to start analyzing the security of your IoT devices
The big challenge with IoT devices is that they are all different: Each manufacturer has its own firmware, uses different protocols, and designs its own architecture. So, the first step before carrying out any analysis is to understand the architecture, find out what components are involved, and how they interact and communicate among themselves.
Mobile World Congress: Introducing 5G
If we look back at previous incarnations of mobile networks, 1G, 2G and so on, there have been major changes to the technology. The next generation, 5G, delivers greater speed and lower latency, but also has the advantage of being able to connect many more devices concurrently.