How to Stay Protected From Malware While Online at Home
Our everyday lives are not what they used to be three months ago. Many users have made the transition from working in an office to working from home and students have adopted distance learning. But while the world focuses on one virus sweeping the globe, criminals see an opportunity to spread other types of viruses across our networks and devices. […] more…Good Malware Protection Doesn’t Need to Slow You Down!
Good malware protection doesn’t need to slow you down! “Security software slows down my PC.” This is a comment that is often heard when talking about malware protection on computers and laptops. While this may be true for many security products, even including the security software that is built into the Windows operating system, this […] more…Cyberthreats on lockdown
Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, […] more…Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
By Joey Chen (Threats Analyst) Tropic Trooper, a threat actor group that targets government, military, healthcare, transportation, and high-tech industries in Taiwan, the Philippines, and Hong Kong, has been active since 2011. The group was reportedly using spear-phishing emails with weaponized attachments to exploit known vulnerabilities. Primarily motivated by information theft and espionage, the group […] more…World Password Day 2020
Are Your Password Habits Keeping You Safe Online? Learning how to navigate our entire lives online has definitely been a steep learning curve for many of us over the last few weeks. Whether it’s working from home, helping our kids learn from home, conducting ‘wine time’ from home or even doing our Zumba classes from […] more…How to Ace Your Video Interview: Job Hunting From Home
How to Ace Your Video Interview: Job Hunting from Home, Part Two So, it’s game day. Your online video interview is about to begin, and you’re feeling good. Okay, so maybe there are just a few nerves, but you know you’ve got this. The space you’ve set up for your call is all in order […] more…DDoS attacks in Q1 2020
News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of […] more…School From Home: Project-Based Learning
School from Home: Project-Based Learning If keeping your kids on task and engaged with schoolwork from home is proving to be a challenge, you aren’t alone. We recently surveyed families and found that keeping kids focused was at the top of parent concerns right alongside establishing a routine. Just as school-aged kids can often struggle […] more…Flaw in defunct WordPress plugin exploited to create backdoor
A vulnerability in the defunct OneTone WordPress theme plugin is being exploited to compromise entire sites while installing backdoor admin accounts. more…Remote spring: the rise of RDP bruteforce attacks
With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home computers (and potentially insecure Wi-Fi networks), another headache for infosec teams is […] more…Connect With Confidence: Benefits of Using a Personal VPN
Protect your digital life The recent surge in work from home is likely accompanied by a corresponding increase in corporate VPN (virtual private network) usage. More and more employees who would typically be connected at the office are using these protected networks to access confidential documents and sites. To some, these corporate VPNs are simply a tunnel into their work lives. But what about the benefits of a personal VPN? What is a VPN […] more…Duplicated Vulnerabilities in WordPress Plugins
During a recent plugin audit, we noticed a weird pattern among many plugins responsible for performing a specific task: Duplicating a page or a post. With a bit of research, we came to the following conclusion: Many of these plugins came from the same source — and contained the same vulnerabilities. SQL Injections in Vulnerable […] more…School #FromHome: Bring Structure to Your Day
School #FromHome: Bring Structure to Your Day Whether you’re a few weeks into a school closure or going on a few months now, you’re no doubt helping your school-aged children—and even your college kids—settle into a new routine that involves learning from home. Needless to say, it’s an adjustment for everyone as you and […] more…Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems
By RonJay Caragay, Fe Cureg, Ian Lagrazon, Erika Mendoza, and Jay Yaneza (Threats Analysts) Adware isn’t new and they don’t spark much interest. A lot of them are overlooked and underestimated because they’re not supposed to cause harm — as its name suggests, adware is advertising-supported software. However, we have constantly observed suspicious activities caused […] more…Unkillable xHelper and a Trojan matryoshka
It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. The main feature of xHelper is entrenchment — once it gets into the phone, it somehow remains there even after the user deletes […] more…Analyzing & Decrypting L4NC34’s Simple Ransomware
We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the affected website is the webmaster’s only source of income or a business relies entirely on it’s website and online presence. When the word ransomware is […] more…More information
- ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool
- Encyclopedia Britannica sues OpenAI over AI training
- Malware targeting energy companies in the USA and Europe
- MWC 2017: What We Learned About the Mobile Landscape
- Google sees a silver lining in NSA spying
- ICS/OT Security Firms Announce Product Updates
- Learning from the Equifax breach [VIDEO]
- S3 Ep55: Live malware, global encryption, dating scams, and secret emanations [Podcasts]
- Microsoft SharePoint Server CVE-2018-8323 Remote Privilege Escalation Vulnerability
- Bill Gates: Cryptocurrencies killing people in “fairly direct way”