Collaborate Disseminate
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Bitdefender, Cequence Security, ConnectSecure, Cymulate, Cytracom, Datadog, Delinea, Edgescan, Enveedo, ESET, Index Engines, Island, iStorage, Lacew… Continue reading Infosec products of the month: June 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cymulate, Edgescan, ESET, iStorage, and Netskope. iStorage launches datAshur PRO+C with Type-C USB interface iStorage’s new datAshur PRO+C is a user-friendly USB… Continue reading New infosec products of the week: June 23, 2023
ESET expanded its unified cybersecurity platform, ESET PROTECT, with a new subscription tier for businesses requiring all-in-one prevention, detection and response. Available immediately, ESET PROTECT Elite delivers enterprises, small and midsize busin… Continue reading ESET PROTECT Elite protects users against ransomware and zero-day threats
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existenc… Continue reading Legitimate Android app transforms into data-snooping malware
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now also know that: The source of the 3CX breach was a compromised installer for X… Continue reading 3CX breach linked to previous supply chain compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks. Continue reading 3CX Breach Was a Double Supply Chain Compromise
Looking at configuration data, 56% of decommissioned routers disposed of and sold on the secondary market contained sensitive corporate data, according to ESET. Of the networks that had complete configuration data available: 22% contained customer data… Continue reading Researchers discover sensitive corporate data on decommissioned routers
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, compromising both the internal update servers and third-party tools utilized … Continue reading Data loss prevention company hacked by Tick cyberespionage group
Atera announced a new strategic partnership and integration with ESET, enabling Atera’s community of IT professionals to deploy anti-malware solutions to protect their customers. “As cyberattacks increase in sophistication and frequency, it… Continue reading Atera and ESET join forces to arm customers against zero-day threats
ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. This backdoor is part of an ongoing campaign that ESET can trace back to early January 2023. Execution graph showing the subpro… Continue reading China-aligned APT is exploring new technology stacks for malicious tools