Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet …

Critical bug found in popular mail server software

If exploited, the security hole in Exim could allow attackers to run arbitrary commands on vulnerable mail servers. Exim, the popular mail transfer agent (MTA) software, contains a critical-rated vulnerability that can, in some scenarios, enable remote attackers to run commands of their choice on unpatched mail servers, researchers from Qualys have found. Tracked under CVE-2019-10149, the remote …

Turla LightNeuron: An email too far

ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments. Due to security improvements in operating systems, rootkit usage has been in constant decline for several years. As such, malware developers – especially those working in espionage groups – have been busy developing new stealthy userland malware. Recently, ESET researchers …

The 5 IT security actions to take now based on 2018 Trends

Implementing the five actions described in this article can help reduce your organization’s cyber risk and bolster its security defenses. Securing the information systems that keep your organization running is an ongoing endeavor that needs to evolve over time in response to trends in the threat landscape. As our IT systems grow in scale and …

Botnets overshadowed by ransomware (in media)

Regardless of how intensively the topic of ransomware is currently trending, it is not the most dangerous form of malware. Recently, the much-reported WannaCry ransomware took media by storm; however, it received considerably more coverage than it did harm, and it overshadowed other internet threats. More dangerous than ransomware is a malware capable of taking …