Malwarebytes
- 25 février 2021Scammers, profiteers, and shady sites? It must be tax season
US tax season is upon us, a time of the year when a special kind of vermin comes crawling out of the woodwork: tax scammers! Not that their goals are any different from any other scammers. They want your hard-earned dollars in their pockets. Most of the tax-related attacks follow a few tried and true methods: A phishing email or scam call from someone purporting to be from the IRS, or an accountan … - 24 février 2021LazyScripter: From Empire to double RAT
Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth analysis of the tactics, techniques, procedures, and infrastructure employed by this actor group. Although … - 23 février 2021Clop targets execs, ransomware tactics get another new twist
Ransomware peddlers have come up with yet another devious twist on the recent trend for data exfiltration. After interviewing several victims of the Clop ransomware, ZDNet discovered that its operators appear to be systematically targeting the workstations of executives. After all, the top managers are more likely to have sensitive information on their machines. If this tactic works, and it might, … - 23 février 2021The mystery of the Silver Sparrow Mac malware
Cyber security company Red Canary published findings last week about a new piece of Mac malware called Silver Sparrow. This malware is notable in being one of the first to include native code for Apple’s new M1 chips, but what is unknown about this malware is actually more interesting than what is known! Installation We know that the malware was installed via Apple installer packages (.pkg f … - 22 février 2021A week in security (February 15 – February 21)
Last week on Malwarebytes Labs, the spotlight fell on the State of Malware 2021 report, wherein we have seen cyberthreats evolve. We also touched on ransomware, such as Egregor and a tactic known as Remote Desktop Protocol (RDP) brute forcing that has long been part of the ransomware operators’ toolkit; insider threats, such as what Yandex recently experienced with one of its own sysadmins; … - 20 février 2021Omegle investigation raises new concerns for kids’ safety
Social media site Omegle is under fire after an investigation found boys using the platform to expose themselves on camera, and adults exposing themselves to minors. Omegle users are paired with a random stranger who they can socialize with via text or video chat. An investigation by the British Broadcasting Corporation (BBC) found boys and adults exposing themselves on camera, after its founder, … - 19 février 2021North Korean hackers charged with $1.3 billion of cyberheists
The US Department of Justice recently unsealed indictments detailing North Korea’s involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states. The first unsealed indictment is for hacking activities done by three computer programmers from North Korea. Prosecutors name Jon Chang Hyok (전 … - 19 février 2021Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy
What game caused some players to experience seizures, allows you to have unauthorized sex with Keanu Reeves, features a lead character who can’t keep the contents of his pants contained, was pulled from the PlayStation Store weeks after release, and still managed to shatter sales and streaming records? Of course we’re talking about Cyberpunk 2077, the latest game from Polish developer CD Pro … - 18 février 2021Romance scams: FTC reveals $304 million of heartache
In 2020, reported losses to the FTC for romance scams went up by 50% from 2019, totalling $304 million. And things weren’t exactly good before: Romance scams have cost people a fortune for 3 years running, according to the FTC. Their latest report suggests a steady rise in these kind of scams generally and ponders the impact of the pandemic. If nobody can go out, it stands to reason that dat … - 17 février 2021Clubhouse under scrutiny for sending data to Chinese servers
The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now it’s part of the social media landscape, can we trust it? The Clubhouse app Clubhouse was launched about a year ago and was initially only used by Silicon Valley’s rich and famous. It is different from other social media in that it focuses on the spoken word. Clubhouse members can …
ESET
- 24 février 2021Google’s Password Checkup tool rolling out to Android devices
People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen The post Google’s Password Checkup tool rolling out to Android devices appeared first on WeLiveSecurity … - 23 février 2021Clubhouse chats streamed to third‑party website
The incident raises concerns about the privacy and security of conversations taking place on the platform The post Clubhouse chats streamed to third‑party website appeared first on WeLiveSecurity … - 22 février 2021Brave browser’s Tor mode exposed users’ dark web activity
A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users’ DNS queries The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity … - 19 février 2021Week in security with Tony Anscombe
Avoid COVID-19 vaccine fraud and hoaxes – Romance scams cause record-high losses – Exaramel in the spotlight after attacks in France The post Week in security with Tony Anscombe appeared first on WeLiveSecurity … - 19 février 2021TDoS attacks could cost lives, warns FBI
Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals The post TDoS attacks could cost lives, warns FBI appeared first on WeLiveSecurity … - 18 février 2021Malware authors already taking aim at Apple M1 Macs
The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs The post Malware authors already taking aim at Apple M1 Macs appeared first on WeLiveSecurity … - 17 février 2021Attacks targeting IT firms stir concern, controversy
The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool The post Attacks targeting IT firms stir concern, controversy appeared first on WeLiveSecurity … - 16 février 2021Romance scams in 2020: Breaking hearts, wallets – and records
As dating apps experience a boom amid COVID-19, losses to romance scams soar too The post Romance scams in 2020: Breaking hearts, wallets – and records appeared first on WeLiveSecurity … - 16 février 2021Beware of COVID‑19 vaccine scams and misinformation
The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it’s also a topic ripe for exploitation by fraudsters and purveyors of misinformation The post Beware of COVID‑19 vaccine scams and misinformation appeared first on WeLiveSecurity … - 15 février 2021Record‑high number of vulnerabilities reported in 2020
High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported in 2010 The post Record‑high number of vulnerabilities reported in 2020 appeared first on WeLiveSecurity …
ESET Support
- 11 février 2021ESET PROTECT 8.0.19 and ESET PROTECT Cloud have been released
On Februrary 11, 2021 ESET PROTECT version 8.0.19 and ESET PROTECT Cloud is available for on-premise or Cloud deployment. - 9 février 2021ESET MSP Administrator 2 and API hotfix release is coming
Hotfix release of EMA 2 and its API is scheduled for February 16, 2021. - 5 février 2021ESET Business Account new version is coming
Several improvements and bug fixes. - 17 décembre 2020Upgrade ESET PROTECT to version 8.0.17.1 to fix Web Console login failure
If you upgraded to ESET PROTECT 8.0 and are unable to log into the Web Console because your username or password contains special characters, upgrade to ESET PROTECT version 8.0.17.1 to resolve this issue. - 9 décembre 2020ESET Full Disk Encryption for macOS version 1.2.0.8 have been released
On December 8, 2020 ESET Full Disk Encryption (EFDE) for macOS version 1.2.0.8 has been released and is available in the management console repository. - 9 décembre 2020ESET Endpoint Security and ESET Endpoint Antivirus version 8.0.2028.0 have been released
Release Date: December 9, 2020 ESET Endpoint Antivirus and ESET Endpoint Security version 8.0.2028.0 have been released and are available for download. - 9 décembre 2020ESET PROTECT 8.0 and ESET PROTECT Cloud have been released
On December 9, 2020 ESET PROTECT version 8.0 is available for on-premise or Cloud installation. - 20 novembre 2020ESET Full Disk Encryption (EFDE) version 1.2.2.8 has been released
On November 18, 2020 ESET Full Disk Encryption (EFDE) version 1.2.2.8 has been released and is available in the management console repository. - 15 novembre 2020ESET Enterprise Inspector version 1.5.1485.0 has been released
Release Date: November 6, 2020 ESET Enterprise Inspector version 1.5.1485.0 has been released and is available to download. - 8 novembre 2020ESET Endpoint Security and ESET Endpoint Antivirus version 7.3.2044.0 have been released
Release Date: October 28, 2020 ESET Endpoint Antivirus and ESET Endpoint Security version 7.3.2044.0 have been released and are available for download.