Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid … More Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

Microsoft Edge bug could be exploited to spill your emails to malicious sites

Since a patch for the flaw has already been released, users are well advised to make sure that they’re running the browser’s most recent version. A Google developer has discovered a high-severity loophole that affected the Microsoft Edge web browser and, less so, Mozilla Firefox, and that could provide an attacker with access to the … More Microsoft Edge bug could be exploited to spill your emails to malicious sites

Turla’s watering hole campaign: an updated Firefox Extension abusing Instagram

Some of the tactics used in APT attacks die hard. A good example is provided by Turla’s watering hole campaigns. This group, which has been targeting governments, government officials and diplomats for years, is still using watering hole techniques to redirect potentially interesting victims to their C&C infrastructure. In fact, they have been using them … More Turla’s watering hole campaign: an updated Firefox Extension abusing Instagram