Category: welivesecurity

Read the original article: Digging up InvisiMole’s hidden arsenal ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group The post Digging up InvisiMole’s hidden arsenal appeared first on WeLiveSecurity  …

Read more →

Read the original article: Survey shows rise in scam robocalls amid COVID‑19 fears The unsolicited phone calls tout everything from miracle cures to financial relief – here’s how you can stay safe The post Survey shows rise in scam robocalls…

Read more →

Read the original article: Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies ESET researchers uncover targeted attacks against high-profile aerospace and military companies The post Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies appeared…

Read more →

Read the original article: Ripple20 bugs expose hundreds of millions of devices to attacks Devices used in the energy, transportation and communications sectors are also affected by the flaws in the TCP/IP software library The post Ripple20 bugs expose hundreds…

Read more →

Read the original article: Survey shows rise in robocalls amid COVID‑19 fears The unsolicited phone calls tout everything from miracle cures to financial relief – here’s how you can stay safe The post Survey shows rise in robocalls amid COVID‑19…

Read more →

Read the original article: Warning issued over hackable security cameras The owners of the vulnerable indoor cameras are advised to unplug the devices immediately The post Warning issued over hackable security cameras appeared first on WeLiveSecurity   Advertise on IT…

Read more →

Read the original article: FBI warns about fraudsters targeting banking app users Watch out for attacks attempting to take advantage of the lockdown-induced surge in mobile banking use The post FBI warns about fraudsters targeting banking app users appeared first…

Read more →

Read the original article: Week in security with Tony Anscombe ESET research into Gamaredon’s tricks – A flawed online voting platform – Massive hack-for-hire campaigns The post Week in security with Tony Anscombe appeared first on WeLiveSecurity   Advertise on…

Read more →

Read the original article: Gamaredon group grows its game Active APT group adds cunning remote template injectors for Word and Excel documents; unique Outlook mass-mailing macro The post Gamaredon group grows its game appeared first on WeLiveSecurity   Advertise on…

Read more →

Read the original article: Microsoft ships hefty patch load this month The latest Patch Tuesday knocks out a record-high number of vulnerabilities, including new bugs in the SMB protocol The post Microsoft ships hefty patch load this month appeared first…

Read more →

Read the original article: Vast hack‑for‑hire scheme targeted thousands of people, organizations An obscure Indian company operated a scheme targeting banks, non-profits, politicians and journalists all over the world, a report says The post Vast hack‑for‑hire scheme targeted thousands of…

Read more →

Read the original article: Alarm sounded over security risks in online voting system Bad actors could tamper with ballots cast via OmniBallot without being detected by voters, election officials or the tool’s developer, a study finds The post Alarm sounded…

Read more →

Read the original article: Apple hopes to bolster password security with open source project The tech giant wants developers of password managers to collaborate for better user experience and security The post Apple hopes to bolster password security with open…

Read more →

Read the original article: Mozilla fixes five high‑risk Firefox flaws, bug in DoH feature The browser maker rolls out updates on back-to-back days, including a patch to avoid unintentionally overloading DNS providers The post Mozilla fixes five high‑risk Firefox flaws,…

Read more →

Read the original article: How secure is your phone’s lock screen? From the humble passcode to biometric authentication, there are quite a few options to lock your Android phone. But which of them are more secure than the others? The…

Read more →

Read the original article: Week in security with Tony Anscombe A deep-clean of your Facebook history – Google’s Advanced Protection-Nest integration – Talking to your kids before they join social media The post Week in security with Tony Anscombe appeared…

Read more →

Read the original article: Mozilla fixes high‑risk Firefox flaws, bug in DoH feature The browser maker rolls out updates on back-to-back days, including a patch to avoid unintentionally overloading DNS providers The post Mozilla fixes high‑risk Firefox flaws, bug in…

Read more →

Read the original article: Facebook now lets you delete old posts in bulk Dealing with skeletons lurking in your Facebook closet has never been easier The post Facebook now lets you delete old posts in bulk appeared first on WeLiveSecurity…

Read more →

Read the original article: Google adds Nest devices to Advanced Protection Program You can now shore up your smart home security by leveraging Google’s top security offering The post Google adds Nest devices to Advanced Protection Program appeared first on…

Read more →

Read the original article: 3 things to discuss with your kids before they join social media What are some of the key things your children should know about before they make their first foray into social media? The post 3…

Read more →

Read the original article: Bug in ‘Sign in with Apple’ could have allowed account hijacking The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000 The post Bug in ‘Sign in…

Read more →

Read the original article: Week in security with Tony Anscombe New ESET research into Turla’s malicious toolkit – GDPR turns two – Critical flaw in Android devices The post Week in security with Tony Anscombe appeared first on WeLiveSecurity  …

Read more →

Read the original article: People know reusing passwords is risky – then do it anyway And most people don’t change their password even after hearing about a breach, a survey finds The post People know reusing passwords is risky –…

Read more →

Read the original article: Critical Android flaw lets attackers hijack almost any app, steal data Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers The post Critical Android…

Read more →

Read the original article: From Agent.BTZ to ComRAT v4: A ten‑year journey Turla has updated its ComRAT backdoor and now uses the Gmail web interface for Command and Control The post From Agent.BTZ to ComRAT v4: A ten‑year journey appeared first on…

Read more →

Read the original article: Crooks threaten to leak customer data stolen from e‑commerce sites A hack-and-extort campaign takes aim at poorly secured databases replete with customer information that can be exploited for further attacks The post Crooks threaten to leak…

Read more →

Read the original article: Two years later, has GDPR fulfilled its promise? Has the landmark law helped build a culture of privacy in organizations and have consumers become more wary of sharing their personal data? The post Two years later,…

Read more →

Read the original article: How encryption can help protect your sensitive data Here’s how encryption can help keep your data safe from prying eyes – even if your device is stolen or your cloud account is hacked The post How…

Read more →

Read the original article: Insidious Android malware gives up all malicious features but one to gain stealth ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security The post Insidious Android malware gives up…

Read more →

Read the original article: Week in security with Tony Anscombe ESET research into Winnti Group’s new backdoor – A dangerous Android app under the microscope – The BIAS Bluetooth bug The post Week in security with Tony Anscombe appeared first…

Read more →

Read the original article: No “Game over” for the Winnti Group The notorious APT group continues to play the video game industry with yet another backdoor The post No “Game over” for the Winnti Group appeared first on WeLiveSecurity  …

Read more →

Read the original article: Chrome 83 arrives with enhanced security and privacy controls New features include DNS over HTTPS, a Safety Check section and simpler cookie management The post Chrome 83 arrives with enhanced security and privacy controls appeared first…

Read more →

Read the original article: These things may be cool, but are they safe? In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience The post These things may be cool, but…

Read more →

Read the original article: Bluetooth flaw exposes countless devices to BIAS attacks As many as 30 smartphones, laptops and other devices were tested – and all were found to be vulnerable The post Bluetooth flaw exposes countless devices to BIAS…

Read more →

Read the original article: Microsoft fixes vulnerability affecting all Windows versions since 1996 Another vulnerability in the same Windows component was abused by Stuxnet a decade ago The post Microsoft fixes vulnerability affecting all Windows versions since 1996 appeared first…

Read more →

Read the original article: Week in security with Tony Anscombe ESET research into malware taking aim at air-gapped networks – Dissecting a backdoor hitting high-profile targets in Asia – WannaCryptor three years later The post Week in security with Tony…

Read more →

Read the original article: Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia ESET researchers dissect a backdoor deployed in attacks against multiple government agencies and major organizations operating in two critical infrastructure sectors in Asia The post Mikroceen:…

Read more →

Read the original article: Thunderbolt flaws open millions of PCs to physical hacking A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes The post Thunderbolt flaws open…

Read more →

Read the original article: Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks ESET researchers uncover several instances of malware that uses various attack vectors to target systems isolated by an air gap The post Ramsay: A cyber‑espionage toolkit tailored for…

Read more →

Read the original article: Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on…

Read more →

Read the original article: WannaCryptor remains a global threat three years on WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware families The post WannaCryptor remains a global…

Read more →

Read the original article: Breaking news? App promises news feeds, brings DDoS attacks instead After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it The post…

Read more →

Read the original article: Over 160 million user records put up for sale on the dark web Eleven companies, ranging from online marketplaces to news websites, have had their user databases poached The post Over 160 million user records put…

Read more →

Read the original article: Scams to watch out for not just this Mother’s Day As you rush to buy something for your mom, con artists will be trying to make a dent in your wallet. Here are some common types of…

Read more →

Read the original article: Week in security with Tony Anscombe COVID-19 and digital transformation – How personal data ends up in spam feeds – Common password mistakes and what to do instead The post Week in security with Tony Anscombe…

Read more →

Read the original article: 5 common password mistakes you should avoid Password recycling or using easy-to-guess passwords are just two common mistakes you may be making when protecting your digital accounts The post 5 common password mistakes you should avoid…

Read more →

Read the original article: Digital transformation could be accelerated by COVID‑19 The pandemic has highlighted the need for businesses to act with alacrity and prepare for the long haul – and to do so with cybersecurity in mind The post…

Read more →

Read the original article: Almost a million WordPress websites targeted in massive campaign An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years The post Almost a million WordPress websites…

Read more →

Read the original article: Professional data leakage: How did that security vendor get my personal data? …and why are they selling it to other security vendors and product testers? The post Professional data leakage: How did that security vendor get…

Read more →

Read the original article: Ghost blogging platform servers hacked to mine cryptocurrency Ghost wasn’t the only victim of break-ins over the weekend that exploited critical holes in infrastructure automation software for which patches were available The post Ghost blogging platform…

Read more →

Read the original article: It’s no time to let your guard down as coronavirus fraud remains a threat Scammers rehash old campaigns, create credit card-stealing websites and repurpose information channels to milk the COVID-19 crisis for all it’s worth The…

Read more →

Read the original article: Week in security with Tony Anscombe ESET’s new Threat Report is out – Another deep dive into Latin American banking trojans – More coronavirus-themed scams The post Week in security with Tony Anscombe appeared first on…

Read more →

Read the original article: Sextortion scammers still shilling with stolen passwords The email includes the potential victim’s password as evidence of a hack, but there is more than meets the eye The post Sextortion scammers still shilling with stolen passwords…

Read more →

Read the original article: ESET Threat Report A view of the Q1 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts The post ESET Threat Report appeared first on WeLiveSecurity…

Read more →

Read the original article: Grandoreiro: How engorged can an EXE get? Another in our occasional series demystifying Latin American banking trojans The post Grandoreiro: How engorged can an EXE get? appeared first on WeLiveSecurity   Advertise on IT Security News.…

Read more →

Read the original article: Microsoft Teams flaw could let attackers hijack accounts Microsoft plugs a security hole that could have enabled attackers to weaponize a GIF in order to hijack Teams accounts and steal data The post Microsoft Teams flaw…

Read more →

Read the original article: Week in security with Tony Anscombe ESET research into vulnerabilities in smart home hubs – Discovering and disrupting a botnet in Latin America – Digital assistants in the work-from-home era The post Week in security with…

Read more →

Read the original article: Following ESET’s discovery, a Monero mining botnet is disrupted ESET researchers discover, and play a key role in the disruption of, a 35,000-strong botnet spreading in Latin America via infected USB drives The post Following ESET’s discovery,…

Read more →

Read the original article: iOS Mail app flaws may have left iPhone users vulnerable for years A pair of vulnerabilities in the default email app on iOS devices is believed to have been exploited against high-profile targets The post iOS…

Read more →

Read the original article: Serious flaws found in multiple smart home hubs: Is your device among them? In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them The…

Read more →

Read the original article: Buying a secondhand device? Here’s what to keep in mind If you’re trying to be responsible towards the planet, also be responsible to yourself and take these steps so that the device doesn’t end up costing…

Read more →

Read the original article: How gamification can boost your cybersecurity training Security is not a game, but learning about it could be – here’s why adding the fun factor can help employees become more cyber-aware The post How gamification can…

Read more →

Read the original article: Hey there! Are you using WhatsApp? Your account may be hackable Can someone take control of your WhatsApp account by just knowing your phone number? We ran a small test to find out. The post Hey…

Read more →

Read the original article: Work from home: Should your digital assistant be on or off? Being at your beck and call is central to the “personality” of your digital friend, but there are situations when the device could use some…

Read more →

Read the original article: Week in security with Tony Anscombe Sextortion-meets-coronavirus scams – The financial loss from coronavirus-themed fraud in America – Is the time ripe for one global set of data privacy rules? The post Week in security with…

Read more →

Read the original article: Scams, lies, and coronavirus Scams demanding bitcoin on pain of infecting you with the coronavirus gain their fair share of shine among schemes with a thin veneer of plausibility The post Scams, lies, and coronavirus appeared…

Read more →

Read the original article: Half a million Zoom accounts for sale on the dark web Even accounts belonging to banks and educational institutions were found on lists plastered across various hacker forums The post Half a million Zoom accounts for…

Read more →

Read the original article: Apple releases mobility data to help combat COVID‑19 The tool, which comes after a similar effort by Google, looks at how people’s traveling behavior has changed since the start of the pandemic The post Apple releases…

Read more →

Read the original article: Is “global privacy” an oxymoron? While in France, a citizen of Brazil who resides in California books a bungee jump in New Zealand. Is it a leap of faith into the unknown, for both the operator…

Read more →

Read the original article: Americans report US$13 million in losses from coronavirus scams The median loss to fraudulent schemes that exploit the global health crisis is almost US$600 The post Americans report US$13 million in losses from coronavirus scams appeared…

Read more →

The median loss to fraudulent schemes that exploit the global health crisis is almost US$600 The post Americans report US$13 million in losses from coronavirus scams appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article:…

Read more →

While in France, a citizen of Brazil who resides in California books a bungee jump in New Zealand. Is it a leap of faith into the unknown, for both the operator and the thrill-seeker? The post Is “global privacy” an…

Read more →

What to know about passwords in Zoom – What to do if your phone goes missing – Email provider hacked The post Week in security with Tony Anscombe appeared first on WeLiveSecurity   Advertise on IT Security News. Read the…

Read more →

Here’s how you can greatly improve your Zoom privacy and security in a few simple steps The post Zoom security: Getting the settings right appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article: Zoom security:…

Read more →

With Zoom – and Zoom-bombing – being all the rage, here’s why the app’s default password settings may be leaving the backdoor wide open The post Ever needed a Zoom password? Probably not. But why not? appeared first on WeLiveSecurity…

Read more →

ESET Chief Security Evangelist Tony Anscombe shares advice on how to keep your virtual meet-ups private and safe while you’re holed up at home during the pandemic The post Top tips for videoconferencing security appeared first on WeLiveSecurity   Advertise…

Read more →

The users’ personal data are now up for grabs on the dark web for anywhere between US$3,500 and US$22,000 worth of Bitcoin The post 600,000 people affected in email provider breach appeared first on WeLiveSecurity   Advertise on IT Security…

Read more →

Losing your smartphone can be expensive, but the cost of the device may not be the final price you’ll be paying The post What to do you if your phone is lost or stolen appeared first on WeLiveSecurity   Advertise…

Read more →

Staying safe from coronavirus-themed scams – Securing remote desktop connections – The security risks of videoconferencing The post Week in security with Tony Anscombe appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article: Week in…

Read more →

The company goes straight from basking in the glow of its near-overnight success to launching an all‑out effort to fix its privacy and security issues The post Zoom’s privacy and security woes in the spotlight appeared first on WeLiveSecurity  …

Read more →

As work from home is the new norm in the coronavirus era, you’re probably thinking of enabling remote desktop connections for your off-site staff. Here’s how to do it securely. The post Work from home: Securing RDP and remote access…

Read more →

Bad actors accessed a range of personally identifiable information, including names, dates of birth and a lot more The post Marriott hacked again, 5.2 million guests affected appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article:…

Read more →

The scam machine shows no signs of slowing down, as fraudsters dispense bogus health advice, peddle fake testing kits and issue malware-laced purchase orders The post Coronavirus con artists continue to spread infections of their own appeared first on WeLiveSecurity…

Read more →

With World Backup Day upon us, we walk you through the ways to back up your iPhone or Android phone so that your personal data remains safe The post Have you backed up your smartphone lately? appeared first on WeLiveSecurity…

Read more →

With COVID-19 concerns canceling face-to-face meetings, be aware of the security risks of videoconferencing and how to easily overcome them The post Work from home: Videoconferencing with security in mind appeared first on WeLiveSecurity   Advertise on IT Security News.…

Read more →

What COVID-19 may mean for privacy rights – Managing supply-chain risks – Two Windows zero-days remain unpatched The post Week in security with Tony Anscombe appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article: Week…

Read more →

If we can’t secure the supply chain, eventually everything else will break The post What happens when the global supply chain breaks? appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article: What happens when the…

Read more →

Getting cybersecurity right in the work-from-home world can feel daunting. ESET Chief Security Evangelist Tony Anscombe shares 6 best practices that will steer you in the right direction. The post 6 tips for safe and secure remote working appeared first…

Read more →

If left unpatched, a firmware flaw in some enterprise-class solid-state drives could make data on them unrecoverable as early as this fall. The post HPE issues fix to stop some SSDs from self‑destructing appeared first on WeLiveSecurity   Advertise on…

Read more →

As the world turns to technology to track and contain the COVID-19 pandemic, could this sound the death knell for digital privacy? The post Public health vs. personal privacy: Choose only one? appeared first on WeLiveSecurity   Advertise on IT…

Read more →

Updates for the critical-rated vulnerabilities, which are being actively exploited in the wild, are still weeks away The post Microsoft warns of two Windows zero‑day flaws appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article:…

Read more →

A prolific ransomware gang vows to dial back its campaigns and spare healthcare organizations altogether during the COVID-19 crisis. It’s no cause for celebration. The post The good, the bad and the plain ugly appeared first on WeLiveSecurity   Advertise…

Read more →

How to transition to a remote workforce in a safe manner – How to protect yourself from COVID-19 scams – Stantinko’s miner caught using new obfuscation techniques The post Week in security with Tony Anscombe appeared first on WeLiveSecurity  …

Read more →

How can employees stay motivated and productive while teleworking during the COVID-19 crisis? The post Keep calm and carry on working (remotely) appeared first on WeLiveSecurity   Advertise on IT Security News. Read the complete article: Keep calm and carry…

Read more →

Losing access to your account can be stressful, but there are steps you can take to get it back – and to avoid getting hacked again The post What to do if your Twitter account has been hacked appeared first…

Read more →

Not all they’re cracked up to be? Several password vaults have been found to contain vulnerabilities, both new and previously disclosed but never patched, a study says The post Security flaws found in popular password managers appeared first on WeLiveSecurity…

Read more →

Remote work can be much safer with the right cyber‑hygiene practices in place – multi‑factor authentication is one of them The post Work from home: Improve your security with MFA appeared first on WeLiveSecurity   Advertise on IT Security News. Read…

Read more →

ESET researchers bring to light unique obfuscation techniques discovered in the course of analyzing a new cryptomining module distributed by the Stantinko group’s botnet The post Stantinko’s new cryptominer features unique obfuscation techniques appeared first on WeLiveSecurity   Advertise on…

Read more →

As the COVID-19 pandemic has many organizations switching employees to remote work, a virtual private network is essential for countering the increased security risks The post Work from home: How to set up a VPN appeared first on WeLiveSecurity  …

Read more →

The warning highlights one of the potential risks associated with revealing too much private information online The post FBI warns of human traffickers luring victims on dating apps appeared first on WeLiveSecurity   Advertise on IT Security News. Read the…

Read more →