Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid …

Going on vacation? Five things to do before you leave

You’ve set up an out-of-office auto-responder and packed your stuff, but have you done all of your “homework” before you rush out the front door for that well-deserved time off? You’re probably taking the vacation to unwind, but it is certainly not the time to put cybersecurity on the back burner. On the contrary, being …

Britain’s tax authority reports takedown of record 20,000 fake sites

Not unlike the Irish Revenue scams that we’ve covered extensively, the UK’s Her Majesty’s Revenue & Customs (HMRC) is “consistently the most abused government brand”, according to the National Cyber Security Centre (NCSC). The United Kingdom’s tax collection authority, Her Majesty’s Revenue & Customs (HMRC), initiated the removal of as many as 20,750 websites masquerading as the …

The principle of least privilege: A strategy of limiting access to what is essential

The principle of least privilege is a security strategy applicable to different areas, which is based on the idea of only granting those permissions that are necessary for the performance of a certain activity. In a recent conversation with our marketing analyst at ESET Mexico, Juan Carlos Fernández, we discussed a story about a scam carried …