Information

Separating the bee from the panda: CeranaKeeper making a beeline for Thailand

ESET researchers observed several campaigns targeting governmental institutions in Thailand, starting in 2023. These attacks leveraged revamped versions of components previously attributed by other researchers to the China-aligned advanced persistent threat (APT) group Mustang Panda, and later, a new set of tools that abuse service providers such as Pastebin, Dropbox, OneDrive, and GitHub to execute commands on compromised computers and exfiltrate sensitive documents. Based on our findings, we decided to track this activity cluster as…

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape. Researchers at security firm Permiso Security say attacks against generative artificial intelligence (AI) infrastructure…

Cybersecurity Awareness Month needs a radical overhaul – it needs legislation

Digital Security • Tony Anscombe • 01 Oct 2024 • 3 min. read

Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices.

As we enter October, governments, non-profit organizations, cybersecurity vendors and many companies with corporate social responsibility teams are all likely gearing up to push out some useful tips on staying safe online. Without even looking at the official theme of this year’s edition of the campaign,…

Why system resilience should mainly be the job of the OS, not just third-party applications

Business Security • Tony Anscombe • 01 Oct 2024 • 4 min. read

Building efficient recovery options will drive ecosystem resilience.

Last week, a US congressional hearing regarding the CrowdStrike incident in July saw one of the company’s executives answer questions from policy makers. One point that caught my interest during the ensuing debate was the suggestion that future incidents of this magnitude could be avoided by some form of automated system recovery. Without getting into…

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012. A photo released by…

Gamaredon’s operations under the microscope – Week in security with Tony Anscombe

Video • 27 Sep 2024

ESET research examines the group’s malicious wares as used to spy on targets in Ukraine in the past two years.

This week, ESET researchers published an extensive analysis of the tools and techniques of Gamaredon, a Russia-aligned threat actor that is currently the most active APT group in Ukraine. Their research examines the group’s malicious wares as used to conduct its cyberespionage activities in 2022 and 2023 and answers questions such…

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023

ESET Research • Zoltán Rusnák • 26 Sep 2024 • 5 min. read

ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine.

The war in Ukraine, which started in February 2014 and intensified with Russia’s invasion of the country on February 24th, 2022, exemplifies a multifaceted war, rife with disinformation campaigns and cyberwarfare. Throughout these years, ESET Research has revealed several high-profile cyberattacks conducted by…

Time to engage: How parents can help keep their children safe on Snapchat

Kids Online • Phil Muncaster • 24 Sep 2024 • 5 min. read

Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app.

Snapchat may only be the 10th most popular social media platform in the world, but it estimates monthly active users at over 750 million. The platform is all the rage particularly among children and teens, and its features…

Don’t panic and other tips for staying safe from scareware

Digital Security • Phil Muncaster • 25 Sep 2024 • 5 min. read

Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics.

We live in fast-paced and often worrying times, and fraudsters are primed to take advantage. Fear can be a powerful weapon and scammers know how to instill it in people and coerce them into taking specific and hasty actions. In cyberspace, one common way…

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted and sanctioned a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. A 2016 screen shot of the Joker’s Stash…
