eset
Latest
Ukraine says Russian hackers tried and failed to attack an energy provider
ESET and Microsoft helped fend off the cyberattack.
Microsoft helped disrupt the infamous Trickbot botnet
Microsoft has confirmed that it and partners disrupted the Trickbot botnet in a bid to protect US elections.
Multiple antivirus apps are vulnerable to common security flaws
At least 28 well-known antivirus apps could be exploited by shared security flaws, and a few are still vulnerable now.
Yes Chrome is scanning your Windows PC, but it might be a bug
A few days ago Kelly Shortridge, a product manager at SecurityScorecard detected some unexpected behavior on her PC, as a honeypot Canarytoken reported being accessed by Chrome.exe. That's not what you'd expect from a web browser normally, except for one thing -- Google did add some antivirus-y capabilities to its browser on Windows late last year as an enhancement to its Chrome Cleanup tool that can help reset hijacked settings. Google Chrome security lead Justin Schuh explained how the feature works and pointed to some documentation about it, and that was that -- until last night. If you are hitting this issue and you want a fix right now then go to chrome://downloads in your browser, go to the menu in the top right, and select Clear All. That will clear Chrome's list of downloaded files so that it won't have any files to existence-check at startup. If you have a large list of downloaded files then this will improve startup time slightly. It turns out the "AV scanning" wasn't that at all, and what it was doing could affect you right now. It turns out that Chrome is checking the integrity of downloaded files at startup, and a bug lead it to that particular folder. It relies on the Downloaded History list for this check, and if you have a lot of files in there, it could slow down your computer when you start Chrome. While the dev team is working to skip the check entirely in a future update, users worried about it can fix it by clearing their download history. Easy, right?
New ransomware is causing major issues across Europe and Russia
There's a new ransomware making the rounds today with confirmed targets in Russia, Ukraine, Turkey and Germany. Kaspersky Labs says that nearly 200 victims have been hit with the ransomware that's been dubbed Bad Rabbit.
Malware infects computers by hiding in browser ad GIFs
Unless you still use Internet Explorer (and please don't do that), you probably don't have to worry about new malware discovered by Eset researchers. However, the Stegano exploit kit shows how adept hackers have become at slipping infected ads past major networks and then hiding the malware from discovery. It's been operating stealthily for the last two years and specifically targeting corporate payment and banking services.
Unofficial BitTorrent app once again linked to Mac malware
The developers of Transmission can't catch a break. Just months after their BitTorrent app was linked to the first known instance of Mac ransomware, security researchers at ESET have pinpointed another form of malware taking advantage of Transmission to infect Mac users. Keydnap, as it's called, takes advantage of a modified version of Transmission (planted on the developer's site without its knowledge) to attack your computer. It's similar to the ransomware's approach in more ways than just its choice of host app -- it even uses a signing key to trick Apple's Gatekeeper safeguard into letting it through.
Watch out for fraudulent 'Pokémon Go' apps
It's official: Pokémon Go has become a major phenomenon: It's getting people interested in augmented reality, inspiring filmmakers and even helping players cope with anxiety. Unfortunately, it's also creating targets for malware developers. According to the antivirus folks at ESET, at least three fake Pokémon Go apps have been spotted on the Google Play store since the game launched. One of them has the unsettling distinction of being the first malicious, fraudulent screen-locking app to surface on Google Play.
Makers of uncrackable ransomware hand over the key
The creators of a virus that forces users to pay to recover their own files seem to have turned over a new leaf. Security researchers at ESET are reporting that TeslaCrypt's developers posted the master encryption key, enabling ESET to develop a free fix. According to the firm, the creators of the virus were "wrapping up" their activities, and when a researcher asked for the master key, it was simply handed over. ESET has subsequently been able to produce a decryption tool (available here) that'll enable anyone affected to get their files back.
A taste of Macworld/iWorld 2013: Bowblade, Eset, Kanex and more
Here's a little taste of the atmosphere on the floor of Macworld/iWorld 2013, plus a closer look at the Bowblade we wrote up yesterday, a chat with the antivirus/anti-malware maker Eset, and a look at what's new from Kanex. Enjoy!
