Emotet strikes Quebec’s Department of Justice: An ESET Analysis

The cyber attack affecting 14 inboxes belonging to the Department of Justice was confirmed by ESET researchers. ESET’s team of malware researchers in Montreal, in collaboration with journalist Hugo Joncas, helped shed light on a cyber attack that affected the Quebec Department of Justice. On August 11 and 12, the Department of Justice suffered a cyber attack in which malicious actors used malicious software to infect 14 inboxes under the Department’s jurisdiction. The attackers were thus able to access the emails sent to these addresses. Alexis Dorais-Joncas (no relation), director of ESET’s R&D office in Montreal, identified that the hackers used a version of the malware Emotet, whose malicious campaigns have been running for several years. In the case of this latest attack, the hackers used the stolen information to spread their malware in [...]

Sports data for ransom – it’s not all just fun and games anymore

However, change lay just around the corner. With wireless communication standards beginning to proliferate in the early 2000s, the missing element was the transformation and integration of personal communications and computing. From there, data-driven sports tech could go fully commercial.

Integration – enter the era of smartphones

In the year 2000, mobile phones began to connect to the nascent 3G network. With the 1st generation iPhone released January 9th, 2007 – followed by the first Android device in September 2008 – data-driven sports technology and consumers’ appetite for social sharing were on a collision course. The introduction of smartphones allowed user access to multiple service types as well as other devices. This [...]

Zoom makes 2FA available for all its users

Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication. Zoom is rolling out support for two-factor authentication (2FA) across its web, desktop, and mobile applications, allowing users to double down on the security of their accounts with an extra layer of protection. For context, 2FA systems require users to pass authentication challenges that need responses from two different factors. There are three classic authentication factors that are commonly used: something you know, like a password or PIN code; something you have, such as physical keys or authentication apps; and something you are, which includes biometrics like fingerprints or retina scans. The videoconferencing platform announced the new security feature in a blog, stating: “Zoom’s enhanced Two-Factor Authentication (2FA) makes it [...]

Portland passes the strictest facial recognition technology ban in the US yet

Oregon’s largest city aims to be a trailblazer when it comes to facial recognition legislation. On Wednesday, the Portland City Council passed what could be considered one of the strictest facial recognition bans in the United States. The legislation bans both city government agencies and private businesses from using the technology on the city’s grounds. While bans on the public use of facial recognition have been previously passed by other cities, Portland is the first to bar private use of this technology. As stated by Portland City Council Commissioner Jo Ann Hardesty, quoted by OneZero: “I believe what we’re passing is model legislation that the rest of the country will be emulating as soon as we have completed our work here.” The bill that was [...]

Who is calling? CDRThief targets Linux VoIP softswitches

ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches. This new malware that we have discovered and named CDRThief is designed to target a very specific VoIP platform, used by two China-produced softswitches (software switches): Linknat VOS2009 and VOS3000. A softswitch is a core element of a VoIP network that provides call control, billing, and management. These softswitches are software-based solutions that run on standard Linux servers. The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR). CDRs contain metadata about VoIP calls such as caller and callee IP addresses, starting time of the call, call [...]

UK University suffers cyberattack, ransomware gang claims responsibility

The cyber incident has taken most of Newcastle University’s systems offline, and officials estimate it will take weeks to recover. While students are slowly preparing to return to their universities and colleges after a prolonged absence due to the Covid-19 pandemic, Newcastle University in England has been left reeling from a cybersecurity incident that has affected almost all its systems. The university first became aware of the cyber incident disrupting its networks and IT systems on Sunday, August 30th, and deployed a full incident response plan to evaluate the extent of the issue and stabilize the situation. Although Newcastle University only stated that it suffered a cyberattack without identifying a culprit, according to BleepingComputer the DoppelPaymer ransomware gang is claiming credit for the attack, sharing 750Kb of stolen [...]