CyberSecurity Updates

RDP on the radar: An up‑close view of evolving remote access threats

Misconfigured remote access services continue to give bad actors an easy access path to company networks – here’s how you can minimize your exposure to attacks misusing Remote Desktop Protocol

As the COVID-19 pandemic spread around the globe, many of us, myself included, turned to working full-time from home. Many of ESET’s employees were already accustomed to working remotely part of the time, and it was largely a matter of scaling up existing resources to…


Toys behaving badly: How parents can protect their family from IoT threats

It pays to do some research before taking a leap into the world of internet-connected toys

The Internet of Things (IoT) is changing the way we live and work. From smart pacemakers to fitness trackers, voice assistants to smart doorbells, the technology is making us healthier, safer, more productive and entertained. At the same time, it has also provided opportunities for manufacturers to market flashy new toys for our children. The global market for smart…


ESET Research uncovers new APT group Worok – Week in security with Tony Anscombe

Worok takes aim at various high-profile organizations that operate in multiple sectors and are located primarily in Asia

ESET researchers have revealed their findings about a previously unknown cyberespionage group that they named Worok. This APT group takes aim at various high-profile organizations that operate in multiple sectors and are located primarily in Asia, but also in the Middle East and Africa. Worok uses both its own toolkit and existing tools to compromise its targets…


Data capture by border agencies can and will happen – are your on-the-road employees prepared?

Does your company have a travel policy that instructs and supports employees traveling internationally for business with direction regarding comportment and cooperation? This isn’t a trick question. To have a travel program that provides employees with anticipated scenarios, and to provide them with unique devices for international travel, is a significant investment of resources both physical and monetary. The revelation that U.S. Customs and Border Protection (CBP) routinely downloads the content of devices of individuals…


Why is my Wi‑Fi slow and how do I make it faster?

Has your Wi-Fi speed slowed down to a crawl? Here are some of the possible reasons along with a few quick fixes to speed things up. Wireless internet connectivity is a wonder of the modern age. There are few more ubiquitous technology protocols than Wi-Fi, the means via which radio signals sent from our router connect with the devices we use around the smart home. Previously, such internet-enabled devices mostly included one or two laptops,…


You never walk alone: The SideWalk backdoor gets a Linux variant

ESET researchers have uncovered another tool in the already extensive arsenal of the SparklingGoblin APT group: a Linux variant of the SideWalk backdoor

ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. This variant was deployed against a Hong Kong university in February 2021, the same university that had already been targeted by SparklingGoblin during the student protests in May 2020.…


SparklingGoblin deploys new Linux backdoor – Week in security, special edition

ESET Research first spotted this variant of the SideWalk backdoor in the network of a Hong Kong university in February 2021

ESET researchers have published their findings about a Linux variant of the SideWalk backdoor, which is one of a number of custom implants used by the SparklingGoblin APT group. This piece of malware was first detected by ESET in February 2021 in the network of a Hong Kong university. The same university had previously…


Chrome issues urgent zero-day fix – update now!

by Paul Ducklin

Google pushed out a bunch of security fixes for the Chrome and Chromium browser code earlier this week… …only to receive a vulnerability report from researchers at cybersecurity company Avast on the very same day. Google’s response was to push out another update as soon as it could: a one-bug fix dealing with CVE-2022-3723, described with Google’s customary we-can-neither-confirm-nor-deny legalism saying: Google is aware of reports that an exploit for CVE-2022-3723 exists…


Third‑party cookies: How they work and how to stop them from tracking you across the web

Cross-site tracking cookies have a bleak future but can still cause privacy woes to unwary users

For many years, privacy advocates have been sounding the alarm on the use of cookies to track, profile, and serve personalized ads to web users. The discussion has been especially acute over cookies used for cross-site tracking, in which a website leaks or offers visitor data to third-party services included in the site. In response, some of the major…


Rising to the challenges of secure coding – Week in security with Tony Anscombe

The news seems awash this week with reports of both Microsoft and Apple scrambling to patch security flaws in their products

The news seems awash this week with tech companies scrambling to patch security vulnerabilities in their software. This month’s Patch Tuesday saw Microsoft plug 64 security holes, including a zero-day that is being actively exploited in the wild. Apple also joined the party, issuing security updates for both iOS and macOS and also plugging…
