Information

Energy Department Offering $9M in Cybersecurity Competition for Small Electric Utilities

The US Department of Energy on Wednesday announced a competition that can help smaller electric utilities obtain funding and technical assistance for improving their cybersecurity posture.  The competition, named the Advanced Cybersecurity Technology (ACT) 1 Prize Competition, is part of the Biden administration’s Rural and Municipal Utility Cybersecurity (RMUC) Program, which has set aside $250 million over a five-year period for enhancing cybersecurity at cooperative, municipal and small investor-owned electric utilities.  For the ACT 1…


‘Earth Estries’ Cyberespionage Group Targets Government, Tech Sectors

A cyberespionage group possibly linked to China has targeted government-related organizations and technology companies in various parts of the world. Trend Micro, which tracks it as Earth Estries, says the group has been around since at least 2020.  While the cybersecurity firm has not directly attributed Earth Estries to any particular country, it did point out that there are some overlaps in tactics, techniques and procedures (TTPs) with an APT named FamousSparrow. FamousSparrow, which in…


Mom’s Meals issues “Notice of Data Event”: What to know and what to do

by Paul Ducklin

US food delivery company PurFoods, which trades as Mom’s Meals, has just admitted to a cyberintrusion that took place from 2023-01-16 to 2023-02-22. The company stated officially that: [The] cyberattack […] included the encryption of certain files in our network. Because the investigation identified the presence of tools that could be used for data exfiltration (the unauthorized transfer of data), we can’t rule out the possibility that data was taken from one…


U.S. Hacks QakBot, Quietly Removes Botnet Infections

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computers. In an international operation announced…


New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

A newly identified Android trojan targeting users in Southeast Asia is allowing attackers to control devices remotely and perform bank fraud, Trend Micro reports. Dubbed MMRat and active since June, the malware can capture user input and take screenshots, and uses a customized command-and-control (C&C) protocol based on Protobuf, which improves its performance when transferring large amounts of data. The malware has been distributed via websites masquerading as official application stores, and which were tailored…


Acquisition Chatter Swirls Around SentinelOne, BlackBerry

Prominent anti-malware vendors SentinelOne and BlackBerry have been separately named in public acquisition chatter, underscoring a clear signal of impending consolidation in cybersecurity. According to published reports, private equity firm Veritas Capital is in early talks to acquire BlackBerry, the venerable tech firm that acquired Cylance and reinvented itself as a cybersecurity vendor. Neither Veritas nor BlackBerry has commented on the reports, which say Veritas is interested in acquiring all of the Canadian company, while…


Kroll Employee SIM-Swapped for Crypto Investor Data

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack…
