Top News

Drowning in spam? A study presented at Black Hat USA 2021 examines if sharing your personal information with major companies contributes to the deluge of nuisance emails, texts and phone calls. Every day my inbox seems to receive more and more spam. Understanding what generates it and how to avoid it is essential in the…

ESET researchers publish a white paper putting IIS web server threats under the microscope ESET researchers have discovered a set of previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software. Targeting both government mailboxes and e-commerce transactions, as well as aiding in malware distribution, this diverse class of…

The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information ESET researchers have discovered and analyzed a previously undocumented trojan that steals payment information from e-commerce websites’ customers. The trojan, which we named IIStealer, is detected by ESET security solutions as Win64/BadIIS.…

With vacations in full swing, cybercriminals will be looking to scam vacationers looking for that perfect accommodation. Summer vacation planning is in full swing, and most of us are looking to travel again while adhering to the preventive measures that countries have in place regarding the COVID-19 pandemic. And traveling, of course, means looking for…

There are 30 vulnerabilities listed in total; organizations would do well to patch their systems if they haven’t done so yet The leading cybersecurity and law enforcement agencies from the United States, the United Kingdom, and Australia have issued a joint cybersecurity advisory focusing on the top 30 vulnerabilities that were commonly abused by threat actors over…

How is Black Hat USA 2021 different from the past editions of the conference and what are the themes may steal the show this year? Black Hat this year is, well, sparse. I get it… With masks at every turn and some attending virtually, it’s hard to have a conference, especially with the uncertainty of…

How can companies and employees who start to adapt to hybrid working practices protect themselves against cloud security threats? When government lockdowns forced workers to stay home en masse for much of 2020, one technology was there to pick up the pieces. Without the three main cloud computing models, software-, platform- and infrastructure-as-a-service (SaaS, PaaS…

Most people are fans of the convenience Amazon brings to online shopping, and that’s precisely what cybercriminals are betting on. Amazon is the largest online marketplace in the world boasting over US$386 billion in revenue in 2020 with 200 million subscribers to its Amazon Prime service just in the United States. And that’s just a…

A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK. Golf clubs and cybercrime couldn’t really sound further apart, but when it comes to cybersecurity, businesses of all sizes are targets and their owners must never assume anything is completely watertight. Golf is, however, more associated with business, so when I was recently asked to investigate and test the cybersecurity of an…

Cybercriminals may target the popular event with ransomware, phishing, or DDoS attacks in a bid to increase their notoriety or make money The United States’ Federal Bureau of Investigation (FBI) has issued a warning about threat actors potentially attempting to disrupt the upcoming Tokyo 2020 Summer Olympics. It went on to warn that cybercriminals could utilize various…