Critical bug found in popular mail server software

If exploited, the security hole in Exim could allow attackers to run arbitrary commands on vulnerable mail servers. Exim, the popular mail transfer agent (MTA) software, contains a critical-rated vulnerability that can, in some scenarios, enable remote attackers to run commands of their choice on unpatched mail servers, researchers from Qualys have found. Tracked under CVE-2019-10149, the remote …

Turla LightNeuron: An email too far

ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments. Due to security improvements in operating systems, rootkit usage has been in constant decline for several years. As such, malware developers – especially those working in espionage groups – have been busy developing new stealthy userland malware. Recently, ESET researchers …

The 5 IT security actions to take now based on 2018 Trends

Implementing the five actions described in this article can help reduce your organization’s cyber risk and bolster its security defenses. Securing the information systems that keep your organization running is an ongoing endeavor that needs to evolve over time in response to trends in the threat landscape. As our IT systems grow in scale and …

Botnets overshadowed by ransomware (in media)

Regardless of how intensively the topic of ransomware is currently trending, it is not the most dangerous form of malware. Recently, the much-reported WannaCry ransomware took the media by storm; however, it received considerably more coverage than it did harm, and it overshadowed other internet threats. More dangerous than ransomware is a malware capable of taking …

DNS attacks: How they try to direct you to fake pages

DNS servers are essential to the normal functioning of the internet as we know and love it, but they tend to go unnoticed by most users. At least, that is, until some sort of attack or incident occurs that stops them from working normally, which results in the services we use every day starting to fail (something …

Mumblehard takedown ends army of Linux servers from spamming

One year after the release of the technical analysis of the Mumblehard Linux botnet, we are pleased to report that it is no longer active. ESET, in cooperation with the Cyber Police of Ukraine and CyS Centrum LLC, have taken down the Mumblehard botnet, stopping all its spamming activities since February 29th, 2016. ESET is …

News from the Dorkside: Dorkbot botnet disrupted

ESET has collaborated with Microsoft, CERT.PL and various law enforcement bodies around the world to disrupt known Dorkbot botnets by sinkholing their C&C servers. ESET shared technical analysis, statistical information about the malware used, and known command and control servers’ domains and IPs. We also were able to leverage our historical knowledge of this threat …