Week in security with Tony Anscombe
This week, ESET researchers put the spotlight on two threats – new Android ransomware that spreads to victims’ contacts via SMS messages, and a banking trojan that targets Latin America
Latest Articles
Smart TVs: Yet another way for attackers to break into your home?
A primer on why internet-enabled TVs make for attractive and potentially soft targets, and how cybercriminals can ruin more than your TV viewing experience
From Carnaval to Cinco de Mayo – The journey of Amavaldo
The first in an occasional series demystifying Latin American banking trojans
Android ransomware is back
ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks
Scam impersonates WhatsApp, offers ‘free internet’
The fraudulent campaign is hosted by a domain that is home to yet more bogus offers pretending to come from other well-known brands
Week in security with Tony Anscombe
A critical vulnerability that was thought to affect VLC media player was later downgraded to medium severity, and the player's maker slammed the bug disclosure process
South African power company battles ransomware attack
The power utility appears to be well on track to a swift recovery following an attack that ultimately left some people without electricity
Streaming service withstands 13‑day DDoS siege
The attack, unleashed by a 400,000-strong Mirai-style botnet, may be the largest of its kind on record
Data breaches can haunt firms for years
The compromised company may bear the financial brunt of the breach within the first year after the incident occurs, but the price tag is still far from final
VLC player has a critical flaw – and there’s no patch yet (updated)
On the flip side, there are currently no known cases of the vulnerability being exploited in the wild
Week in security with Tony Anscombe
ESET researchers release new findings about malware linked to the Ke3chang APT group, including details about Okrum, a previously unreported backdoor
With FaceApp in the spotlight, new scams emerge
ESET researchers discover fraudulent schemes piggybacking on the popularity of the face-modifying tool FaceApp, using a fake “Pro” version of the application as a lure
Okrum: Ke3chang group targets diplomatic missions
Tracking the malicious activities of the elusive Ke3chang APT group, ESET researchers have discovered new versions of malware families linked to the group, and a previously unreported backdoor
BlueKeep patching isn’t progressing fast enough
Keeping up with BlueKeep; or how many internet-facing systems, and in which countries and industries, remain ripe for exploitation?
How your Instagram account could have been hijacked
A researcher found that it was possible to subvert the platform’s password recovery mechanism and take control of user accounts
Week in security with Tony Anscombe
ESET researchers describe the ins and outs of a zero-day exploit that has been used for a highly targeted attack and reveal the name of the threat actor that deployed it
Cybercrime seen to be getting worse: The time to act is now
What mounting public concern about falling victim to cybercrime says about government and corporate efforts at cybercrime deterrence
Buhtrap group uses zero‑day in latest espionage campaigns
ESET research reveals notorious crime group also conducting espionage campaigns for the past five years
Windows zero‑day CVE‑2019‑1132 exploited in targeted attacks
ESET research discovers a zero-day exploit that takes advantage of a local privilege escalation vulnerability in Windows
UK’s data watchdog hands out two mega‑fines for breaches
The times they have a-changed since the ICO could only slap fines worth a fraction of the current amounts