Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate

Cybersecurity researchers shed additional light over the weekend on the cyberattacks that disabled Ukrainian government websites, as Kyiv pointed to Russia as the culprit. Microsoft and ESET both shared details on the nature of the malware that took the Ukrainian sites down. Microsoft “assesses that the malware, which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom,” the company wrote in a blog post Saturday. However, Microsoft said it couldn’t yet attribute who was behind the malware, labeled WhisperGate. The Department of Homeland Security’s Cybersecurity and Infrastructure Agency recommended that network defenders review the Microsoft blog post, suggesting the possibility that the attacks could spread to include other targets. ESET on Sunday elaborated further, saying that the malware the attackers used contained code “commonly used by commodity e-crime malware.” “It […]

The post Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate appeared first on CyberScoop.

Delivering vulnerable signed kernel drivers remains popular among attackers

ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to circumvent anti-cheat mechanisms, but they have also been observed being used by sever…

How to protect air-gapped networks from malicious frameworks

ESET researchers present their analysis of all malicious frameworks used to attack air-gapped networks known to date. An air-gapped network is one that is physically isolated from any other network in order to increase its security. This technique can …

Large ransom demands and password-guessing attacks escalate

ESET released a report that summarizes key statistics from its detection systems and highlights notable examples of its cybersecurity research. The latest issue of the report highlights several concerning trends that were recorded by ESET telemetry, in…

Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability

ESET said it discovered the group, which has been active since 2019.

The post Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability appeared first on CyberScoop.

A spyware app designed to monitor Kurdish targets attracted more than 1,400 downloads

More than 1,400 people have downloaded a spyware app that, while appearing to deliver news, enables hackers to collect sensitive data about the Kurds, an ethnic community living throughout Iran, Iraq and northern Syria. The espionage campaign involves duping Android smartphone owners into downloading a program that spies use to record phone calls, extract files, take screenshots and gather other information from unwitting victims, according to details published Tuesday by the security vendor ESET. The endeavor marks the latest attempt to undercut the Kurds, an indigenous people embedded in conflicts of the Middle East over the past generation. Kurdish fighters have been active in the fight against the Islamic State group dating back to 2014, aligning with U.S. forces while also struggling against the Turkish government. Suspected Iranian hackers also used mobile spyware to monitor Kurdish targets, the security firm Check Point reported in February. The effort that ESET discovered […]

The post A spyware app designed to monitor Kurdish targets attracted more than 1,400 downloads appeared first on CyberScoop.

Product showcase: ESET Cybersecurity Awareness Training

Engaging training scenarios, plus robust phishing simulation and reporting capabilities ESET is a market-leading cybersecurity provider, offering a comprehensive security platform for organizations throughout the world. To counter the complex attacks u…

Mobile stalkerware is on the rise

Mobile stalkerware, which is software silently installed by stalkers onto victims’ mobile devices without their knowledge, is on the rise, ESET research finds. In 2019, ESET telemetry recorded almost five times more Android stalkerware detections th…

Stalkers using surveillance software on partners are exposing their own data, research finds

Stalkerware applications, which domestic abusers rely on to monitor their romantic partners’ devices without their consent, often fail to secure the personal information collected during their use, according to ESET research published Monday. Stalkerware, which is frequently advertised as benign parental controls or employee monitoring software, can surveil targets’ geolocation, texts, phone calls, cameras and more, all without obtaining targets’ consent. ESET examined 86 stalkerware applications, only to identify 158 serious security and privacy issues, according to findings presented at the virtual RSA Conference this week. The most common security issue affecting the applications was the insecure transmission of stalkers’ and targets’ personally identifiable information from devices to app servers. This vulnerability could allow outsiders to intercept text messages, call logs, contact lists, keystrokes, browsing histories, recorded phone calls, pictures and screenshots, according to ESET. Other issues included applications storing sensitive information on external media, and exposing data like Facebook […]

The post Stalkers using surveillance software on partners are exposing their own data, research finds appeared first on CyberScoop.

Defending against Windows RDP attacks

In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in people working remotely during the pandemic. With enterprises resorting to making RDP s…