Tag Archives: ESET

10Fold- Security Never Sleeps- 170

‘Crash Override’ malware heightens fears for US electric grid

“Ukrainian cyberattack concerns U.S. security experts”

Tech security firms ESET and Dragos revealed the malware behind last year’s Ukrainian attack, “Crash Override,” earlier this week. They claim that this particular software is only the second to be tailored to industrial control facilities and intended for massive disruption. The only precedent for an attack of this magnitude is the Stuxnet virus, which threw Iran’s nuclear program into disarray several years ago.

Malware Incidents at US SMBs Spiked 165% in Q1

“Various SMBs suffer massive attack volume”

The first quarter of this year saw a huge increase in malware attack attempts, according to a new Malwarebytes report. In the U.S. alone, attacks on SMBs have surged by 165% over the previous year’s count.

Hospital Email Security in Critical Condition as DMARC Adoption Lags

“Patient data at risk”

A new report from Global Cyber Alliance has provided some chilling details about security issues with healthcare providers. Many of these institutions have been sluggish in adopting the DMARC protocol, leaving email accounts dangerously vulnerable.

Fileless malware: An undetectable threat

“New threats emerging”

While much of the security field tends to focus on ransomware and potential solutions, IT pros are missing some of the newer, stealthier threats. Fileless malware is one of these, with an increasing prevalence and frequency.

10Fold- Security Never Sleeps- 169

xLED Malware Steals Data Using Router LEDs

“One of the strangest witnessed yet”

While malware does come in many interesting forms, the xLED malicious software plaguing the web now steals data by infecting a router switch and flashing the LED lights these devices have.

You’ll never guess where Russian spies are hiding their control servers

“Social media sites used to conceal malicious software”

Antivirus provider ESET released a report Tuesday that has identified where a Russian cybercriminal group hides its espionage software once it has attacked a network of interest. The backdoor Trojan has even recently used comments on Britney Spears’ Instagram account to locate the control server that sends guidelines regarding stolen data to and from infected devices.

OneLogin hack exposed sensitive US customer data and ability to decrypt data

“ID management firm confirms it has been breached”

OneLogin, a firm that manages single sign-on duties for many apps and websites, has confirmed that it has been hacked and that sensitive customer data was likely obtained. The company withheld many details, but assured customers that the compromised access has been blocked and that the proper law enforcement officials have been notified of the incident.

10Fold- Security Never Sleeps- 157

Hackers Are Using NSA’s DoublePulsar Backdoor in Attacks

“‘Equation Group’ threat actor exposed”

An alleged NSA hacking tool has been used on public users over the past week. ‘DoublePulsar,’ a backdoor program constructed by the ‘Shadow Brokers’ hacking group on Friday, contains a password-protected archive of even further exploit kits to be used by cybercriminals. Microsoft has commented on the release of this program, announcing that up-to-date systems are unlikely to be exposed to any risk.

Webroot deletes Windows files and causes serious problems for users

“Manual fix released to address issue”

Webroot consumers had an unfortunate surprise Monday morning when their product began flagging Windows files as harmful. Over 14 pages concerning the issue appeared as comments on the Webroot community forum, prompting a manual fix to be developed by Webroot that has yet to remedy the situation for many affected.

HipChat resets user passwords

“Security issues prompt concerns”

HipChat has automatically reset its users’ passwords after a possible breach may have exposed names, email addresses, and hashed password information. In particular cases, message content may also have been accessed, although this happened in less than 0.05% of cases.

Hackers uncork experimental Linux-targeting malware

“Four different protocols used”

Cybercriminals are now using a new malware program that attacks Linux systems, dubbed Linux/Shishiga. It uses SSH, Telnet, HTTP, and BitTorrent, according to online security researchers at ESET.

Hard Target: Fileless Malware

“The future of online threat is fileless”

Fileless malware attacks are on the rise. Malware that is either fileless or in-memory poses threats to businesses that are difficult both to recognize and to destroy.

10Fold- Security Never Sleeps- 153

WikiLeaks posts CIA documents on ways to install malware

“Details CIA procedures to install malicious programs”

WikiLeaks took to the internet again on Friday to publish a new array of classified documents from the CIA. The new leak outlines the Grasshopper framework, a malware installation system that delivers weaponized code onto a computer without the security systems blocking it.

Sathurbot Malware Spreads via Torrent Files, Attacks WordPress Sites

“Attempts at remote takeover of sites”

ESET security researchers have revealed a new malware strain dubbed ‘Sathurbot,’ which uses malicious torrent files to spread to new victims. It proceeds to carry out coordinated WordPress attacks, with the intention of eventually commandeering the site. The common outcome is a host for malware download centers or SEO spam filters.

McAfee: Trend indicates 2017 will be bumper year for new malware

“Current trends bolster expectations”

McAfee Labs has shown that new malware is being pumped out at incredible rates, and if the past two years are any indication, this won’t end any time soon. Malware innovation took a net hit last year, with a nine-month lull in identified new strains, but this dip seems to have tapered off, with new creators releasing several new strains over the last few months.