ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.
Archives - September 2014
Apple Mac OS X users concerned about the Bash vulnerability dubbed Shellshock got some relief late yesterday as Apple published fixes for various versions of OS X. But if you use Mavericks you will need to install 10.9.5 before the Bash fix will work.
The creator of an app that secretly allows you to monitor another person’s smartphone usage without their knowledge has been arrested in Los Angeles, according to Slashgear.
With Apple, Google and other tech companies responding to users’ demands for privacy with further smartphone encryption options, not everyone is happy. FBI Director James Comey is “very concerned” about increased mobile OS encryption, according to TechSpot.
An update on support scams: but are the scammers looking for fresh fields and posturings new?
Newly weds George Clooney and Amal Alamuddin supplied guests with "burner phones" to prevent photographs from falling into the hands of hackers and the tabloid press.
This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’ dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.
The "Bash Bug" or "Shellshock" vulnerability means a wide range of devices, servers and computers, including Mac OS X, will need to be patched to prevent abuse by malicious persons. Here's advice about what to do and links to more in-depth resources.
The media have associated a number of destructive hoaxes with 4chan: people need some historical perspective on how the site actually works.
Medical information is now worth up to 10 times the price of credit card details on online black markets, due to weak healthcare security and a thriving black market in data to be used for medical fraud.
Auction site eBay has remained defiant about ‘active’ listings ,containing computer code, despite multiple reports indicating that these are being used for phishing attacks.
The hit shoot ‘em up Destiny has been targeted by a cybercriminal gang thought to be behind recent attacks on game companies including Sony and Blizzard, creators of World of Warcraft.
In what appears to be a misogynist attack directed at Harry Potter actress Emma Watson, a site has appeared supposedly offering a countdown until images of her are released online.
Facial recognition is booming, with the market expected to grow from $1.92 billion to $6.5 billion in 2018 - and invading markets such as dating, with Match.com integrating a service which finds users dates based on their exes.
Home Depot says it was hacked to the tune of 56 million payment cards. What is behind the current wave of cybercrime? This recorded presentation offers answers and some defensive strategies for organizations at risk.
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.
Home Depot staff repeatedly ignored the concerns of employees about the security of its systems, prior to the Home Depot data breach, now thought to be the largest in history.
Thousands of Facebook addicts are feverishly sharing a "news report" claiming that from November 1st you'll be paying $2.99 every month to access the site.
Updated information on ESET presentations at Virus Bulletin 2014.
Home Depot has issued a statement today that provides more details about their recent breach, as well as indicating that the malware used by the attackers has now been removed from their systems. This breach appears to be even larger than Target’s, as it exposed payment information for 56 million customers in their US and Canada locations.