2022 witnessed a drop in exploited zero-days
Malicious threat actors have actively exploited 55 zero-days in 2022 – down from 81 in 2021 – with Microsoft, Google, and Apple products being most targeted. 53 …
cybercrime
Tracking the global spread of malware
Approximately 10-16 percent of organizations have shown evidence of malicious command and control (C2) activities, strongly indicating a network breach within the last year, …
Data loss prevention company hacked by Tick cyberespionage group
ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, …
Alleged seller of NetWire RAT arrested in Croatia
This week, as part of a global law enforcement operation, federal authorities in Los Angeles successfully confiscated www.worldwiredlabs.com, a domain utilized by …
Internet crime in 2022: Over $3 billion lost to investment scammers
“In 2022, investment scam losses were the most (common or dollar amount) scheme reported to the Internet Crime Complaint Center (IC3),” the FBI shared in its 2022 …
China-aligned APT is exploring new technology stacks for malicious tools
ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. This backdoor is part of an ongoing campaign that …
Law enforcement teams score major win against DoppelPaymer ransomware gang
In a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds …
BlackLotus UEFI bootkit disables Windows security mechanisms
ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the …
Expert strategies for defending against multilingual email-based attacks
BEC (Business Email Compromise) attacks have become increasingly prevalent in recent years, with cybercriminals using a variety of tactics to gain access to sensitive …
Resecurity identified the investment scam network Digital Smoke
Resecurity identified one of the largest investment fraud networks by size and volume of operations created to defraud Internet users from Australia, Canada, China, Colombia, …
FTC reveals alarming increase in scam activity, costing consumers billions
Newly released Federal Trade Commission (FTC) data shows that consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30 percent over the …
Wiper malware goes global, destructive attacks surge
The threat landscape and organizations’ attack surface are constantly transforming, and cybercriminals’ ability to design and adapt their techniques to suit this evolving …