Yelp Sucks

ESET Research uncovers an active malicious campaign that uses new versions of old malware, Bandook, to spy on its victims In 2021 we detected an ongoing campaign targeting corporate networks in Spanish-speaking countries, with 90% of the detections in Venezuela. When comparing the malware used in this campaign with what was previously documented, we found…

A global operation takes down the infrastructure of DoubleVPN and seizes data about its customers Law enforcement agencies from Europe, the United States and Canada have teamed up to take down the web domains and seized the infrastructure of DoubleVPN, a virtual private network (VPN) service that was used by cybercriminals to conduct their activities…

You can now secure your account with a physical security key as your sole 2FA method, without any additional 2FA option If you’re on Twitter, you can now use a hardware security key as your sole two-factor authentication (2FA) method. While previously the microblogging service allowed users to use a security key as one of…

As news breaks about the supply-chain ransomware attack against Kaseya’s IT management software, here’s what we know so far Just when we were getting over the SolarWinds supply-chain attack, we see Kaseya IT management software, commonly used in Managed Service Provider (MSP) environments, hit by another in a series of supply-chain hacks. As with the…

Information scraped from LinkedIn user profiles includes full names, gender, email addresses and phone numbers For the second time this year, data scraped from the accounts of hundreds of millions of LinkedIn users has been posted for sale on a hacking forum. This haul seems to be even bigger than the one that involved data…

Are you on Facebook? So are scammers. Here are some of the most common con jobs on Facebook you should watch out for and how you can tell if you’re being scammed. While various social media platforms have popped up over the years, Facebook remains one of the most popular of them all. Case in…

Brave’s search engine takes on Google, promising to let users surf the web without leaving a trace Brave, the company known for its eponymous web browser, has announced the launch of its own search engine dubbed Brave Search. The product, which is currently in beta and is built on an entirely independent search index, promises…

Cyberattacks targeting the gaming industry skyrocket, with web attacks more than tripling year-on-year in 2020 During the COVID-19 pandemic, the gaming industry has seen greater growth in cyberattacks than any other industry, according to content delivery network (CDN) provider Akamai. Web application attacks against gaming companies rose by 340 percent between 2019 and 2020 and…

What was it like to work for, and be friends with, the larger-than-life technology entrepreneur back when he helped shape the computer security industry? Editor’s note: The views expressed in this article are solely those of the author and do not necessarily reflect the views of WeLiveSecurity and ESET. This is probably not the first…

The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information Microsoft has shut down a sprawling Business Email Compromise (BEC) operation that had its infrastructure hosted in several web services. Using these cloud-based assets, the threat actors infiltrated hundreds of mailboxes across multiple organizations and…