Year: 2021

Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google Google’s Project Zero team revealed that a quarter of zero-day exploits detected in 2020 could have been prevented had the vendors issued proper patches for the underlying security flaws. In its Year in Review bloggpost,…

ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos ESET researchers have analyzed malware that has been targeting high performance computing (HPC) clusters, among other high-profile targets. We reverse engineered this small, yet complex, malware that is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows.…

“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app Android users should watch out for new wormable malware that spreads through WhatsApp and lures the prospective victims into downloading an app from a website masquerading as Google Play. ESET malware researcher Lukas Stefanko looked…

The company emits emergency updates to fix bugs affecting devices ranging from iPhones to Apple Watches Apple has rolled out an update for its iOS and iPadOS operating systems to patch three zero-day security flaws that are being actively exploited in the wild. The trio of flaws affects various versions of iPhones and iPads and…

As schools and students continue to contend with the very real cyber-risks of virtual classrooms, we share some advice for protecting children’s data and privacy The COVID-19 pandemic is still here, with pupils and students still soldiering on mostly remotely and focusing on their education from the confines of their houses. While another semester studying…

The law enforcement action is one of the most significant operations against cybercriminal enterprises ever Europol has announced the disruption of the Emotet botnet, one of the longest-lived and most pervasive malware threats, following a large-scale operation that also included a number of national law enforcement agencies across Europe and North America. Authorities in the…

ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia During 2020, ESET research reported various supply-chain attacks, such as the case of WIZVERA VeraPort, used by government and banking websites in South Korea, Operation StealthyTrident compromising the Able Desktop chat software used by several Mongolian government agencies, and…

Here’s how to spot scams where criminals use deceptive text messages to hook and reel in their marks Have you ever received a text message from a delivery company that you are familiar with and never for a moment questioned it? Why would you? We now order so much online and all those delivery notifications…

Another in our occasional series demystifying Latin American banking trojans Vadokrist is a Latin American banking trojan that ESET has been tracking since 2018 and that is active almost exclusively in Brazil. In this installment of our series, we examine its main features and some connections to other Latin American banking trojan families. Vadokrist shares…

New mesh Wi-Fi routers may be the answer to your wireless signal woes, but how about your privacy and security? Wi-Fi is hard, especially powering the swarms of smart devices in the average home. To combat dead spots, metal surfaces which block or reflect signals, and distant garages too far to connect, manufacturers at CES…