Year: 2021

At least one vulnerability is being exploited by multiple cyberespionage groups to attacks targets mainly in the US, per ESET telemetry Microsoft has rushed out emergency updates to address four zero-day flaws affecting Microsoft Exchange Server versions 2013, 2016, and 2019. Threat actors have been observed exploiting the vulnerabilities in the wild to access on-premises…

For over a decade, ESET and the San Diego Police Foundation have been working together to help keep children safe from online threats As one of the United States’ most famous presidents, John F. Kennedy, once said, “Children are the world’s most valuable resource and its best hope for the future.” This is one of…

Are you a bull or a bear? If you can’t access your data and money, do your sentiments about the market still matter? I was recently asked about how software vulnerabilities in stock trading apps and platforms might put users’ finances and personal data at risk. Given the dependence of today’s societies and economies on…

As dating apps experience a boom amid COVID-19, losses to romance scams soar too More and more people have been flocking to online dating platforms in search of romance and companionship in the wake of lockdowns and social distancing mandates, but the new reality is also creating conditions that contribute to record-high losses from romance…

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool France’s national cybersecurity agency ANSSI has disclosed details about an intrusion campaign targeting IT services firms that run the Centreon IT resource monitoring tool. The attacks, which have hit mainly…

The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs In November, Apple debuted to great acclaim a series of Mac computers sporting its new Apple Silicon M1 chips. The release of the new hardware also grabbed the attention…

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals The United States’ Federal Bureau of Investigation (FBI) has issued a stark warning about consequences that telephony denial-of-service (TDoS) attacks on call centers could have on people’s lives. If launched against critical call centers, TDoS attacks could ultimately prevent callers from…

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users’ DNS queries Brave, one of the top-rated browsers for privacy, has fixed a bug in its Private Windows with Tor feature that leaked the .onion URLs for websites visited by the browser’s users, according to a report by an anonymous…

The incident raises concerns about the privacy and security of conversations taking place on the platform Clubhouse, the social media platform du jour, has experienced a data incident as an unidentified user found a way to stream audio feeds from the app’s chat rooms to a third-party website. Speaking to Bloomberg, Clubhouse spokeswoman Reema Bahnasy confirmed…

People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen Google is extending its Password Checkup feature to Android in a bid to help people make their online accounts more secure. Originally introduced as an extension for the Google Chrome web browser two years ago, the tool was…