Authorities remove web shells from compromised Exchange servers

Law enforcement steps in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities. The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange … More Authorities remove web shells from compromised Exchange servers

DNSpooq bugs expose millions of devices to DNS cache poisoning

Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices. Millions of devices could be vulnerable to Domain Name System (DNS) cache poisoning and remote code execution attacks due to seven security flaws in dnsmasq, DNS forwarding and caching software commonly found in smartphones, … More DNSpooq bugs expose millions of devices to DNS cache poisoning

Aerospace and military companies in the crosshairs of cyberspies

ESET researchers uncover targeted attacks against high-profile aerospace and military companies. At the end of last year, we discovered targeted attacks against aerospace and military companies in Europe and the Middle East, active from September to December 2019. A collaborative investigation with two of the affected European companies allowed us to gain insight into the … More Aerospace and military companies in the crosshairs of cyberspies

ESET researchers detect a new trick used by malware to slip into the official Android app store

ESET researchers discovered an extremely stealthy – yet surprisingly simple – technique that allowed Android malware to stay under the radar. Analyzing the DEFENSOR ID app that was – at the time – available on the official Android app store, ESET researchers learned the app misused Accessibility Services but required no other suspicious permission nor … More ESET researchers detect a new trick used by malware to slip into the official Android app store

Old extortion spam email in Irish mailboxes, with a new Coronavirus twist

At ESET Ireland we’ve come across a novel twist on the usual “send money or bad things will happen” extortion spam email, hitting Irish mailboxes. The extortion letter starts in the usual manner, showing a victim’s password, likely gathered from one of the major security breaches over the years, which the victim could recognise as … More Old extortion spam email in Irish mailboxes, with a new Coronavirus twist