744 results for “wmlive”
-
🎉 I am really thrilled to have won the 10th Péter Szőr award at @VirusBulletin. Congrats to all the authors of the nominated papers. They are all excellent pieces and know that I highly respect your work. It is very flattering to have our work recognized by our peers. #vb2024
https://infosec.exchange/@VirusBulletin/113248734129035293
Publishing an exhaustive malware research paper is a _lot_ of work, and it wouldn't be possible for me without help. I'd like to thank our partners (NHTCU et al.) and the team @ESETresearch for technical and language reviews, as well as designers that render the final result.
If you are curious about our research, and to understand how a botnet of Linux servers has been around for 15 years stealing credit cards and cryptocurrency, and mangling HTTP traffic, the paper is available here: https://www.welivesecurity.com/en/eset-research/ebury-alive-unseen-400k-linux-servers-compromised-cryptotheft-financial-gain/
-
Zero-day exploit targets Telegram for Android.
A critical vulnerability dubbed "EvilVideo" allowed attackers to send malicious payloads disguised as multimedia files on Telegram.
Thankfully, Telegram patched this in July 2024 (v10.14.5+).
What's more concerning? The same threat actor was offering a "fully undetectable" Android cryptor service on underground forums.
#CybersecurityAlert #MobileSecurity #ZeroDay
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
-
ESET reported a targeted cyber espionage campaign (dubbed eXotic Visit) of Android users in India and Pakistan from November 2021 through to the end of 2023. All of the malicious apps have been removed from the Google Play store, along with 10 extra apps containing XploitSPY Android RAT code. The threat actors (tracked as Virtual Invaders) customized their malicious code by adding obfuscation, emulator detection, hiding C2 addresses, and using a native library. ESET describes campaign timeline, victimology, obfuscation techniques, and provides a technical analysis. IOC and MITRE ATT&CK TTPs listed. 🔗 https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/
#eXoticVisit #VirtualInvaders #threatintel #cyberespionage #india #Pakistan #IOC #XploitSPY #L3mon #AhMyth
-
ESET reports a cyberespionage campaign (dubbed eXotic Visit) targeting a select group of Android users in Pakistan and India from November 2021 through the end of 2023. The malicious apps primarily pose as messaging services and are bundled with open-source XploitSPY malware. ESET describes the timeline, provides a technical analysis and IOC. Not enough evidence to attribute this activity to any known threat group. 🔗 https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/
-
I'm a big advocate of #SlowReading , but I have to agree with Sam that I read different kinds of books at different rates. How about you? | #LetsDiscuss2024 #reading #ReadingRate #bookstodon
Discussion - Reading Rate
https://www.weliveandbreathebooks.com/2024/03/discussion-reading-rate.html
-
ESET Research reports that AceCryptor use surged in the second half of 2023. This included Remcos RAT campaigns for the first time, using compromised accounts for credibility in phishing emails. AceCryptor + Remcos campaigns targeted Poland, Bulgaria, Spain, and Serbia. Campaigns were described, MITRE ATT&CK TTPs and IOC provided. 🔗 https://www.welivesecurity.com/en/eset-research/rescoms-rides-waves-acecryptor-spam/
#AceCryptor #threatintel #IOC #Remcos #RemcosRAT #VidarStealer #Stopransomware #SmokeLoader
-
After winning the European Championship title, the German U17 national team also wanted to become world champions. Coach Christian Wück's team fights a great battle with France in the final. And then wins the penalty shootout 4:3. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #SaimonBouabré #BilalYalcinkaya #HamburgerSV #NoahDarvich #KonstantinHeide #Argentinien #Surakarta #Frankreich #U17-Fußballer
U17 World Cup live: Dramatic final – Germany are world champions
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #SaimonBouabré #BilalYalcinkaya #HamburgerSV #NoahDarvich #KonstantinHeide #Argentinien #Indonesien #Surakarta #Frankreich #U17-Fußballer
U17 World Cup live: Dramatic final – Germany are world champions
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #Jakarta #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #SaimonBouabré #BilalYalcinkaya #HamburgerSV #NoahDarvich #Frankreich #U17-Fußballer
U17 World Cup live: Germany concede the equalizer against France
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #Jakarta #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #SaimonBouabré #NoahDarvich #BilalYalcinkaya #HamburgerSV #Frankreich #U17-Fußballer
U17 World Cup live: Germany concede the equalizer against France
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #Jakarta #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #SaimonBouabré #ManahanStadion #Indonesien #FodeSylla #Surakarta #DeutschlandFrankreich #NoahDarvich #U17-Fußballer
U17 World Cup live: Germany extend their lead, but France strike back immediately
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #Jakarta #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #Frankreich #U17-Fußballer
U17 World Cup live: Half-time – Germany lead France, thoroughly deserved
-
After winning the European Championship title, the German U17 national team now wants to become world champions as well. Coach Christian Wück's team faces France in the final. Follow the match here in the live ticker. #DFB #Chlebna-Rouven #U-17FußballWM #DFBDeutscherFußball-Bund #Fußball #Jakarta #ChristianWück #MarioGötze #Augsburg #RiodeJaneiro #Twitter #Fussball #Frankreich #U17-Fußballer
U17 World Cup live: Germany push for the lead against France
-
"⚰️ Mozi Botnet's Mysterious Demise: The Kill Switch Discovery 🕵️♂️"
Researchers at ESET have uncovered the kill switch that led to the abrupt downfall of the Mozi botnet, a notorious threat to IoT devices. The botnet's activity plummeted in August 2023, first in India and then in China, as a result of a control payload delivered via UDP, bypassing the BitTorrent DHT protocol. This strategic takedown raises questions about its orchestrators - the botnet creators themselves or Chinese law enforcement. 🤔💡
Tags: #MoziBotnet #KillSwitch #CyberForensics #IoTSecurity #BotnetTakedown #ESETResearch #CyberSecurity #ThreatIntelligence
Credit: Ivan Bešina, Michal Škuta, Miloš Čermák via WeLiveSecurity
For a detailed analysis of the Mozi botnet's kill switch and its implications, stay tuned to ESET's upcoming publications. Meanwhile, explore the MITRE ATT&CK techniques used:
- Resource Development: Acquiring infrastructure like virtual private servers.
- Initial Access: Exploiting public-facing applications.
- Persistence: Using boot or logon initialization scripts.
- Exfiltration: Sending data over unencrypted protocols.
- Impact: Stopping services and blocking access with iptables.
-
ICYMI~ ESET Research discovered a zero-day XSS vulnerability (#CVE-2023-5631) in Roundcube Webmail servers. It is actively used in the wild by #WinterVivern to target governments and a think tank in Europe. The exploit was contained in a legitimate-looking email about Outlook. Check it out. 👀https://www.welivesecurity.com/en/eset-research/winter-vivern-exploits-zero-day-vulnerability-roundcube-webmail-servers/
-
#ESETresearch discovered a #backdoor we have named Sponsor, used in a #BallisticBobcat (aka Charming Kitten, #TA453, #APT35, or #PHOSPHORUS) campaign targeting various entities in Brazil, Israel, and the United Arab Emirates. Check it out: https://welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
-
Today 👀💻 ESET Research discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. #ESETresearch named this #Android malware AhRat, as it is based on the open-source #AhMyth Android RAT. Great work by @lukasstefanko
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/
-