Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet … More Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

LoudMiner: Cross-platform mining in cracked VST software

The story of a Linux miner bundled with pirated copies of VST (Virtual Studio Technology) software for Windows and macOS. Introduction LoudMiner is an unusual case of a persistent cryptocurrency miner, distributed for macOS and Windows since August 2018. It uses virtualization software – QEMU on macOS and VirtualBox on Windows – to mine cryptocurrency … More LoudMiner: Cross-platform mining in cracked VST software

Why cybercriminals are eyeing smart buildings

A recent talk by ESET’s Global Security Evangelist Tony Anscombe looks at the key security challenges facing intelligent buildings. As part of the Segurinfo Argentina 2019 conference in Buenos Aires, ESET’s Global Security Evangelist Tony Anscombe gave a talk on smart buildings, in which he explained the security risks associated with intelligent buildings. Let’s cut … More Why cybercriminals are eyeing smart buildings

Facebook exposed millions of user passwords to employees

The social network says that the passwords were never exposed externally and that it found no abuse of the glitch. Facebook has fixed a bug that caused that the passwords of many of its users were stored in plain text and were visible for the social network’s employees. “As part of a routine security review … More Facebook exposed millions of user passwords to employees

You should pick your Android security app wisely, test shows

It’s prudent to get a security solution for your device, but a test by AV-Comparatives shows why you need to choose judiciously. A recent test of anti-malware apps available in Google Play showed that most are not, in fact, worthy of the name and, indeed, the space they take up on the Android device. Independent testing outfit … More You should pick your Android security app wisely, test shows