News

Threat Report H2-2023: Botnets, Ransomware, DDoS 

The second half of 2023 was characterized by classic threats such as DDoS attacks and ransomware, but also by the sudden disappearance of the busy botnet Mozi. In addition, the API keys of ChatGPT users are at risk. In the new ESET Threat Report H2 2023, the European IT security manufacturer presents these and other threats as well as trends in the global threat landscape from June to November 2023. The aim of the report is to raise awareness of the biggest cyber threats and provide information about current risks. For more information, see ESET Threat Report H2…

EDR: Automatically detect and process anomalies

The new extension of the ESET security solution for EDR significantly minimizes the response time when detecting and processing cyber incidents. This relieves the burden on those responsible for IT. The IT security manufacturer ESET has released its security solution for Endpoint Detection and Response (EDR) with an expanded range of functions as well as improved automated detection and processing of anomalies. ESET Inspect also includes the new “Incident Creator”, which significantly reduces the response time and time required for administrators to record and resolve incidents. In this way, ESET is responding to the desire of many companies to use the advantages of EDR solutions even with limited IT resources...

OilRig: Hacker group attacks Israeli organizations

The hacking group OilRig, with suspected ties to Iran, has been targeting Israeli manufacturing companies, local government organizations and the healthcare industry for over a year. Researchers at IT security manufacturer ESET have uncovered a campaign by the APT group “OilRig” (also known as APT34, Lyceum, Crambus or Siamesekitten), which has been attacking local government organizations, manufacturing companies and also the healthcare sector in Israel since 2022. OilRig uses legitimate cloud service providers for data exfiltration. The criminals, who are believed to be from Iran, are trying to penetrate the networks of Israeli organizations and find and exfiltrate sensitive data. To achieve this, OilRig is using a variety of new...

More security for cloud-based work environments

Cloud-based work platforms, such as Google Workspace and Microsoft 365, are particularly vulnerable to threats from cybercriminals. IT security specialist ESET has improved its cloud office solution and now offers more protection. The IT security manufacturer ESET has released a new version of ESET Cloud Office Security (ECOS). The enhanced security solution offers advanced security features for Microsoft 365 and now also includes comprehensive, multi-layered protection for Google Workspace. ESET Cloud Office Security comprehensively protects Exchange Online, OneDrive, Microsoft Teams and SharePoint Online as well as Google Drive and Gmail from threats from the Internet. All users who already…

Telekopye: Looking for young hackers

The hacker group Telekopye has placed advertisements on underground forums to recruit new members. With their toolkit, even beginners can easily create phishing websites. Recently, researchers at IT security manufacturer ESET discovered a toolkit called Telekopye that allows even less tech-savvy people to commit online fraud. But that's just the tip of the iceberg, as further analysis showed. “Cybercrime is a business of the highest professionalism. Even if the perpetrators are often called 'gangs' or 'hacker groups': Behind them are illegal but highly professional companies with the most modern structures...

One less: IoT botnet Mozi shut down

At the end of September 2023, “Mozi” suddenly came to an end. Until the end of September 2023, the IoT botnet attacked vulnerabilities in hundreds of thousands of IoT devices every year. Chinese law enforcement may be responsible for the shutdown. The Internet of Things botnet Mozi exploited vulnerabilities in hundreds of thousands of IoT devices such as Internet routers or digital video recorders every year until the end of September 2023, including in Germany. Mozi could use them to launch DDoS (Distributed Denial of Service) attacks, exfiltrate data or execute arbitrary commands. ESET researchers were able to prove that a so-called “kill switch” heralded the end of Mozi...

EU and Ukraine in the attackers' sights

The APT Activity Report shows that the EU, Israel and Ukraine are particularly affected by attacks by state-backed hacker groups. Cybercriminals pursue different goals with their actions: Russian hackers primarily want to support the war against Ukraine. Chinese groups particularly spy on government organizations and companies in the EU to obtain sensitive information. “Organizations around the world are facing increasingly frequent and sophisticated attacks,” said Jean-Ian Boutin, Director of ESET Threat Research, summarizing the report. “The ongoing cyber attacks on Ukraine and cyber espionage from China show that...

Hacker group exploits zero-day vulnerability

Government agencies and a think tank in Europe were attacked by the APT group Winter Vivern. The hackers use so-called cross-site scripting attacks to exploit a zero-day vulnerability in the Roundcube webmail servers in use and then read (confidential) emails. Roundcube is an open source webmail software used by many government departments and organizations such as universities and research institutes. ESET recommends that users update to the latest available version of the software as soon as possible. ESET discovered the vulnerability on October 12, 2023 and immediately reported it to the Roundcube team, who reported the vulnerability two…

SMEs: Reliably detect and fix security gaps

Unpatched vulnerabilities are among the most dangerous and most commonly used attack vectors for cybercriminals. The innovative vulnerability and patch management from the IT security manufacturer ESET helps SMEs to identify and fix them. This solution supports organizations in reliably detecting and eliminating security gaps in their systems. If the software has identified vulnerabilities in operating systems or common applications, administrators can have the required patches installed automatically or act manually. The guidelines supplied simplify the work of those responsible and can be individually adapted. Numerous filter options allow vulnerabilities to be prioritized according to their severity. ESET Vulnerability & Patch…

Invisibility cloak for malware services finally worthless 

Professional malware is successful when it uses clever obfuscation to evade detection by security solutions. However, the experts at security manufacturer ESET have now demystified the best-known cloak for malicious code – AceCryptor. This Cryptor-as-a-Service has been actively used by threat actors worldwide since 2016 to protect dozens of malware families. In 2021 and 2022 alone, ESET telemetry made more than 240,000 detections of this malware. That equates to more than 10,000 detections per month. AceCryptor is likely to be sold on the dark web or underground forums and is hugely popular with cybercriminals….
