Cyber Security

Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations (DJI) that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal information to DJI's servers. The twin reports, courtesy of cybersecurity firms Synacktiv and GRIMM, found that DJI's Go 4 Android app not only asks...

Read More

ESET research uncovers a malicious operation that both spies on victims and leaks their data We discovered a new operation within a long-running cyber-espionage campaign in the Middle East. Targeting Android users via the malicious Welcome Chat app, the operation appears to have links to the malware named BadPatch, which MITRE links to the Gaza Hackers threat actor group known also as Molerats. Our analysis shows that...

Read More

If your company allows employees to bring their own computing devices to the workplace – whether they are smartphones, tablets, or laptops – you need a BYOD security policy. Initially, employees used only company-issued devices in the workplace. Today, smartphones and tablets have proliferated in the consumer market to the point that nearly every employee comes to work with their own internet-connected device. This means...

Read More

A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. By the way, if someone is still using Windows 7, they deserve to get hacked, including many organisations without extended support, because it's only a matter of time before they'll be a victim of...

Read More

A study paints a dim picture of router security, as none of the 127 devices tested was free of severe vulnerabilities. A recent study of more than 100 consumer-grade routers from seven, mostly large vendors has found that nearly all tested routers are affected by scores of unpatched and often severe security flaws that leave the devices – and their users – at risk of cyberattacks. “[T]here...

Read More

European police infiltrate EncroChat, go on to crack down on crime kingpins and seize guns, drugs, cars and millions in cash. Law enforcement agencies in Europe recently cracked an instant messaging system used by organised crime before the ensuing police operation ultimately led to the arrests of more than 800 suspected criminals, mostly in the United Kingdom. The service, dubbed EncroChat, was used by 60,000 people...

Read More

Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers. The vulnerability, assigned CVE-2020-5902 and rated as critical with a CVSS score of 10 out of 10, could let remote attackers take complete control of the targeted systems, eventually gaining surveillance over the application...

Read More

The industry's latest buzzword is largely a repackaging exercise that bundles a collection of capabilities together and offers them as a cloud-delivered service. A new buzzword invading the marketing materials of cybersecurity vendors is Standing for Secure Access Service Edge (SASE). The term, coined by Gartner, refers to a technology trend in support of cloud-based applications and remote working, in which networking and security functionality converge...

Read More

Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too. The COVID-19 pandemic has radically changed the nature of everyday work, forcing employees to do large parts of their jobs via remote access. Cybercriminals – especially ransomware operators – are aware of the shift and attempt to exploit the new opportunities and increase their illicit earnings. ESET telemetry...

Read More

The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a massive spike in the adoption...

Read More