Week in security with Tony Anscombe

ESET research into Winnti Group’s new backdoor – A dangerous Android app under the microscope – The BIAS Bluetooth bug

ESET researchers have published a deep-dive into a new backdoor, PipeMon, that the Winnti Group has deployed against several video gaming companies in Asia. Also this week, ESET researchers released their analysis of “DEFENSOR […]

Insidious Android malware gives up all malicious features but one to gain stealth

ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security

ESET researchers have analyzed an extremely dangerous Android app that can perform a host of nefarious actions, notably wiping out the victim’s bank account or cryptocurrency wallet and taking over their email or social media accounts. Called “DEFENSOR ID”, […]

How encryption can help protect your sensitive data

Here’s how encryption can help keep your data safe from prying eyes – even if your device is stolen or your cloud account is hacked

You probably store all kinds of sensitive information on your personal computer – or your smartphone, for that matter. For good measure, you may even store your data in the […]

Asnarök attackers twice modified attack midstream

In the hours after Sophos issued hotfixes that secured firewalls targeted by unknown threat actors, the attackers pivoted to a new phase of the attack, adding new components—including files intended to spread ransomware to unpatched Windows machines inside the network. Unfortunately for the threat actors, the hotfixes also prevented the subsequent attempted attacks. Since we […]

Chrome 83 arrives with enhanced security and privacy controls

New features include DNS over HTTPS, a Safety Check section and simpler cookie management

Google has launched the hotly anticipated version 83 of its Chrome browser that comes complete with a raft of features originally planned for version 82, which was scrapped due to the COVID-19 pandemic. Most of all, the new release brings new […]

Ragnar Locker ransomware deploys virtual machine to dodge security

A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 […]