News


Report: Cyber threats as a result of the Ukraine war

As the current ESET Threat Report T3 2022 shows, there are increasing cyber threats everywhere as a result of the Ukraine war. The cyber war has fully unfolded with new ransomware, wipers, DDoS or brute force attacks on accounts. IT security manufacturer ESET has published its T3 2022 threat report, which summarizes the most important statistics of ESET detection systems and highlights notable examples from cybersecurity research. The latest edition of the so-called "ESET Threat Report" (September to December 2022) highlights the impact of the ongoing war in Ukraine and its consequences for the world, including cyberspace. The invasion...


Red Alert for Windows 11: Bootkit bypasses UEFI Secure Boot

According to ESET, even the new Windows 11 with its UEFI Secure Boot security system is not safe from the "BlackLotus" bootkit. The bootkit is already active in the wild and is also actively offered in hacker forums. Red alert for Windows users: ESET researchers have identified a bootkit that is able to bypass key security features of UEFI Secure Boot, a security system of Windows. Even a completely up-to-date Windows 11 system with activated Secure Boot does not pose a problem for the malware. Due to the functionality of the bootkit and its individual characteristics, the experts…


APT report: Chinese threat actors are making Europe unsafe

The European IT security manufacturer ESET has published its current "APT Activity Report T3 2022". Focus: Chinese hacker groups are active in Europe and Russian hacker groups continue to target Ukraine. Investigative findings on selected Advanced Persistent Threat (APT) groups are regularly summarized in these reports. In the latest issue, which covers the period from September to December 2022, ESET experts present their latest insights into various global hacking campaigns. Groups allied with China have shifted their activities to European countries. Ukraine continues to be targeted by Russian hackers like Sandworm, Callisto or…


Microsoft Office: dangerous Excel XLL add-ins

Now that Microsoft has again deactivated foreign VBA macros in Office by default and does not run them, there is one less attack vector. Again and again there were dangerous Excel add-ins with the XLL file extension that executed malware after a click. Now Microsoft is shutting down that threat as well—but not until March 2023. According to The Register, Microsoft will begin blocking Excel XLL add-ins from the web in March to take down an increasingly popular attack vector for cybercriminals. In a brief note on the Microsoft 365 roadmap, the manufacturer explained that this move was in response to "the increasing...


3 million insecure Windows computers in Germany

Support for Windows 8.1 ended on January 10, 2023, as did extended paid support for Windows 7. From this point on, no more security updates will be released. Microsoft also does not offer an ESU (Extended Security Update) program for Windows 8.1. The result: almost 3 million insecure Windows computers. In German private households, around one million computers are still running Windows 8.1 and almost twice as many are running Windows 7 (1.7 million). All in all, almost three million computers with an insecure operating system are still regularly online. It is high time for users to make the switch...


Hacker groups: Russia, North Korea, Iran and China fully active

With its new APT - Advanced Persistent Threat - Activity Report, ESET provides a regular overview of the activities of hacker groups and examines their actions in detail. Groups from Russia, North Korea, Iran and China are highly active. Russia-linked hackers like Sandworm, Gamaredon, Turla, or InvisiMole continue to have Ukraine as their primary target. Aerospace and defense companies are popular with actors connected to North Korea. Iranian groups focus their activities on Israel. A German food company was also the target of an APT group linked to China. Overall, ESET researchers could not see a decrease...


Hackers raid diamond wholesalers and steal nothing

For some hackers, the destruction of digital data is more important than theft or blackmail. APT group Agrius has carried out a series of cyberattacks using the Fantasy wiper malware, according to ESET experts. For diamond wholesalers, theft, fraud and ransom demands are part of their daily business threats. However, the fact that cybercriminals are only out to destroy digital information and do not want to make any financial profit surprised the affected gem dealers in Israel as well as the security experts from ESET. They were able to prove that the APT group Agrius had carried out a series of cyber attacks with the "Fantasy" malware, which also…


Managed detection and response services made in EU

The IT security manufacturer ESET is consistently expanding its range of IT security services. With Managed Detection and Response (MDR) as a Service, ESET offers companies an even more comprehensive service portfolio. With the help of ESET MDR, corporate customers effectively have direct access to ESET's IT security experts, who effectively support the respective IT department in the rapid detection, analysis, investigation and initiation of measures in the event of cyber threats. The offer is aimed in particular at organizations that have an internal IT department but do not have the necessary resources of their own in the areas of IT security and detection and response. Managed Detection and…


Hacker group Polonium uses cloud services for attacks

The hacker group POLONIUM (APT) has attacked targets in Israel with previously unknown backdoors and cyber espionage tools. The group mostly uses cloud services for the attacks. The ESET researchers have dubbed the malware "Creepy". The group is said to be working with Iran. According to the analysis by the researchers of the European IT security manufacturer, the hackers have attacked more than a dozen organizations since at least September 2021. The group's most recent action took place in September 2022. Target industries of this group include engineering, information technology, legal, communications, branding and marketing, media, insurance and social services. Hacker group probably with Iran connections according to...


Iran: Spyware app spies on its own compatriots

An Iranian hacker group spies on its own compatriots with the help of a manipulated app. FurBall spyware, disguised as a translation app, is targeting Iranian citizens. Anyone who downloads apps onto their Android smartphone or tablet should have security software installed if possible. Especially when the desired translation app turns out to be a spy tool and personal data suddenly changes hands. This is exactly what is currently happening in Iran, according to researchers at the IT security manufacturer ESET.

APT-C-50 group Domestic Kitten

Apparently the Iranian APT-C-50 group "Domestic Kitten" is running such a campaign. In a translation app, it hides a new version of the…
