What are exploit kits? Unwary internet users may not realize that in the course of normal browsing they can be exposed to malicious exploit kits that lurk on some websites. Exploit kits consist of malicious code to exploit one or more potential vulnerabilities in common web browsing and document viewing software. More sophisticated exploit kits … More Exploit kits: What are they and what is an exploit blocker?
As software becomes more important than ever, how can engaging the security industry make the road ahead less winding? Here at CES, the car manufacturers race to launch the latest gadgets in their new models before the competition. And that’s hard to do without breaking down the software silos. That would mean using widely developed, open-source … More Connected cars: How to improve their connection to cybersecurity
As we’re entering 2020, we’re also plotting out our New Year’s resolutions. Instead of suggesting what you should do next year, however, let’s have a look at some cybersecurity mistakes you should avoid for a more secure 2020. Denying you are a target You’ve probably already brushed off this possibility with contempt, thinking the chances … More ESET’s 20 cybersecurity tips for 2020
Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet … More Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor
The story of a Linux miner bundled with pirated copies of VST (Virtual Studio Technology) software for Windows and macOS. Introduction LoudMiner is an unusual case of a persistent cryptocurrency miner, distributed for macOS and Windows since August 2018. It uses virtualization software – QEMU on macOS and VirtualBox on Windows – to mine cryptocurrency … More LoudMiner: Cross-platform mining in cracked VST software
A recent talk by ESET’s Global Security Evangelist Tony Anscombe looks at the key security challenges facing intelligent buildings. As part of the Segurinfo Argentina 2019 conference in Buenos Aires, ESET’s Global Security Evangelist Tony Anscombe gave a talk on smart buildings, in which he explained the security risks associated with intelligent buildings. Let’s cut … More Why cybercriminals are eyeing smart buildings
The social network says that the passwords were never exposed externally and that it found no abuse of the glitch. Facebook has fixed a bug that caused that the passwords of many of its users were stored in plain text and were visible for the social network’s employees. “As part of a routine security review … More Facebook exposed millions of user passwords to employees