Internet Security
What makes Starmus unique? – A Q&A with award-winning filmmaker Todd Miller
The director of the Apollo 11 movie shares his views about the role of technology in addressing pressing global challenges as well as why he became involved with Starmus....
How technology drives progress – A Q&A with Nobel laureate Michel Mayor
We spoke to Michel Mayor about the importance of public engagement with science and fostering responsibility among the youth for the preservation of our changing planet...
The vision behind Starmus – A Q&A with the festival’s co-founder Garik Israelian
Dr. Israelian talks about Starmus's vision and mission, the importance of inspiring and engaging audiences, and the strong sense of community within the Starmus universe...
Protecting yourself after a medical data breach – Week in security with Tony Anscombe
What are the risks and consequences of having your health data exposed and what are the steps to take if it happens to you?...
The many faces of impersonation fraud: Spot an imposter before it’s too late
What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be?...
The ABCs of how online ads can impact children’s well-being
From promoting questionable content to posing security risks, inappropriate ads present multiple dangers for children. Here’s how to help them stay safe....
eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe
Almost 400 people in India and Pakistan have fallen victim to an ongoing Android espionage campaign called eXotic Visit...
Bitcoin scams, hacks and heists – and how to avoid them
Here’s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safe...
Beyond fun and games: Exploring privacy risks in children’s apps
Should children’s apps come with ‘warning labels’? Here's how to make sure your children's digital playgrounds are safe places to play and learn....
The devil is in the fine print – Week in security with Tony Anscombe
Temu's cash giveaway where people were asked to hand over vast amounts of their personal data to the platform puts the spotlight on the data-slurping practices of online services today...
RDP remains a security concern – Week in security with Tony Anscombe
Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result...
How often should you change your passwords?
And is that actually the right question to ask? Here’s what else you should consider when it comes to keeping your accounts safe....
Malware hiding in pictures? More likely than you think
There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat....
AceCryptor attacks surge in Europe – Week in security with Tony Anscombe
The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT...
Borrower beware: Common loan scams and how to avoid them
Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here’s how to avoid being scammed when considering a loan....
Cybercriminals play dirty: A look back at 10 cyber hits on the sporting world
This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity...
Cybersecurity starts at home: Help your children stay safe online with open conversations
Struggle to know how to help children and teens stay safe in cyberspace? A good ol’ fashioned chat is enough to put them on the right track....
A prescription for privacy protection: Exercise caution when using a mobile health app
Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data...
Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe
Healthcare organizations remain firmly in attackers' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023...
Threat intelligence explained | Unlocked 403: A cybersecurity podcast
We break down the fundamentals of threat intelligence and its role in anticipating and countering emerging threats...
Rescoms rides waves of AceCryptor spam
Insight into ESET telemetry statistics about AceCryptor in H2 2023 with a focus on Rescoms campaigns in European countries...
How to share sensitive files securely online
Here are a few tips for secure file transfers and what else to consider when sharing sensitive documents so that your data remains safe...
APT attacks taking aim at Tibetans – Week in security with Tony Anscombe
Evasive Panda has been spotted targeting Tibetans in several countries and territories with payloads that included a previously undocumented backdoor ESET has named Nightdoor...
Election cybersecurity: Protecting the ballot box and building trust in election integrity
What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems?...
Top 10 scams targeting seniors – and how to keep your money safe
The internet can be a wonderful place. But it’s also awash with fraudsters preying on people who are susceptible to fraud....
Irresistible: Hooks, habits and why you can’t put down your phone
Struggle to part ways with your tech? You’re not alone. Here’s why your devices are your vices....
Deceptive AI content and 2024 elections – Week in security with Tony Anscombe
As the specter of AI-generated disinformation looms large, tech giants vow to crack down on fabricated content that could sway voters and disrupt elections taking place around the world this year...
Evasive Panda leverages Monlam Festival to target Tibetans
ESET researchers uncover strategic web compromise and supply-chain attacks targeting Tibetans...
eXotic Visit campaign: Tracing the footprints of Virtual Invaders
ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps...
Vulnerabilities in business VPNs under the spotlight
As adversaries increasingly set their sights on vulnerable enterprise VPN software to infiltrate corporate networks, concerns mount about VPNs themselves being a source of cyber risk...
PSYOP campaigns targeting Ukraine – Week in security with Tony Anscombe
Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects...
10 things to avoid posting on social media – and why
Do you often take to social media to broadcast details from your life? Here’s why this habit may put your privacy and security at risk....
Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe
Here's how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals...
What is AI, really? | Unlocked 403: A cybersecurity podcast
Artificial intelligence is on everybody’s lips these days, but there are also many misconceptions about what AI actually is and isn’t. We unpack AI's basics, applications and broader implications....
Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war
A mix of PSYOPs, espionage and … fake Canadian pharmacies!...
Everything you need to know about IP grabbers
Unsuspecting users beware, IP grabbers do not ask for your permission....
Watching out for the fakes: How to spot online disinformation
Why and how are we subjected to so much disinformation nowadays, and is there a way to spot the fakes?...
Ransomware payments hit a record high in 2023 – Week in security with Tony Anscombe
Called a "watershed year for ransomware", 2023 marked a reversal from the decline in ransomware payments observed in the previous year...
Deepfakes in the global election year of 2024: A weapon of mass deception?
As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern...
7 reasons why cybercriminals want your personal data
Here's what drives cybercriminals to relentlessly target the personal information of other people – and why you need to guard your data like your life depends on it...
Blue Team toolkit: 6 open-source tools to assess and enhance corporate defenses
Here’s how the blue team wards off red teamers and a few open-source tools it may leverage to identify chinks in the corporate armor...
Grandoreiro banking malware disrupted – Week in security with Tony Anscombe
The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows...
The buck stops here: Why the stakes are high for CISOs
Heavy workloads and the specter of personal liability for incidents take a toll on security leaders, so much so that many of them look for the exits. What does this mean for corporate cyber-defenses?...
Could your Valentine be a scammer? How to avoid getting caught in a bad romance
With Valentine’s Day almost upon us, here’s some timely advice on how to prevent scammers from stealing more than your heart...
ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora
An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes...
ESET takes part in global operation to disrupt the Grandoreiro banking trojan
ESET provided technical analysis, statistical information, known C&C servers and was able to get a glimpse of the victimology...
Blackwood hijacks software updates to deploy NSPX30 – Week in security with Tony Anscombe
The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK...
Cyber: The Swiss army knife of tradecraft
In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike...
VajraSpy: A Patchwork of espionage apps
ESET researchers discovered several Android apps carrying VajraSpy, a RAT used by the Patchwork APT group...
Assessing and mitigating supply chain cybersecurity risks
Blindly trusting your partners and suppliers on their security posture is not sustainable – it’s time to take control through effective supplier risk management...
Why many CISOs consider quitting – Week in security with Tony Anscombe
The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings...
Break the fake: The race is on to stop AI voice cloning scams
As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection...
NSPX30: A sophisticated AitM-enabled implant evolving since 2005
ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group we have named Blackwood...
Virtual kidnapping: How to see through this terrifying scam
Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims...
Is Temu safe? What to know before you ‘shop like a billionaire’
Here are some scams you may encounter on the shopping juggernaut, plus a few simple steps you can take to help safeguard your data while bagging that irresistible deal...
The 7 deadly cloud security sins – and how SMBs can do things better
By eliminating these mistakes and blind spots, your organization can take massive strides towards optimizing its use of cloud without exposing itself to cyber-risk...
Lessons from SEC's X account hack – Week in security with Tony Anscombe
The cryptocurrency rollercoaster never fails to provide a thrilling ride – this week it was a drama surrounding the hack of SEC's X account right ahead of the much-anticipated decision about Bitcoin ETFs...
Attack of the copycats: How fake messaging apps and app mods could bite you
WhatsApp, Telegram and Signal clones and mods remain a popular vehicle for malware distribution. Don’t get taken for a ride....
Love is in the AI: Finding love online takes on a whole new meaning
Is AI companionship the future of not-so-human connection – and even the cure for loneliness?...
Cybersecurity trends and challenges to watch out for in 2024 – Week in security with Tony Anscombe
What are some of the key cybersecurity trends that people and organizations should have on their radars this year?...
Lost and found: How to locate your missing devices and more
Losing your keys, your wallet – or anything else, really – can be a pain, but there is a wide world of trackers that can help you locate your missing things – with awesome accuracy...
Cracking the 2023 SANS Holiday Hack Challenge
From ChatNPT to Game Boys and space apps, this year’s challenge took us to the Geese Islands for another rollicking romp of fun...
The art of digital sleuthing: How digital forensics unlocks the truth
Learn how the cyber variety of CSI works, from sizing up the crime scene and hunting for clues to piecing together the story that the data has to tell...
A peek behind the curtain: How are sock puppet accounts used in OSINT?
How wearing a ‘sock puppet’ can aid the collection of open source intelligence while insulating the ‘puppeteer’ from risks...
Key findings from ESET Threat Report H2 2023 – Week in security with Tony Anscombe
How cybercriminals take advantage of the popularity of ChatGPT and other tools of its ilk to direct people to sketchy sites, plus other interesting findings from ESET's latest Threat Report...
A year in review: 10 of the biggest security incidents of 2023
As we draw the curtain on another eventful year in cybersecurity, let’s review some of the high-profile cyber-incidents that befell various organizations this year...
Got a new device? 7 things to do before disposing of your old tech
Before getting rid of your no-longer-needed device, make sure it doesn’t contain any of your personal documents or information...
Safeguard the joy: 10 tips for securing your shiny new device
Unwrapping a new gadget this holiday season will put a big smile on your face but things may quickly turn sour if the device and data on it aren’t secured properly...
New iOS feature to thwart eavesdropping – Week in security with Tony Anscombe
Your iPhone has just received a new feature called iMessage Contact Key Verification that is designed to help protect your messages from prying eyes...
ESET Threat Report H2 2023
A view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts...
These aren’t the Androids you should be looking for
You may get more than you bargained for when you buy a budget-friendly smartphone and forgo safeguards baked into Google Play...
ESET Research Podcast: Neanderthals, Mammoths and Telekopye
ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces...
Black Hat Europe 2023: Should we regulate AI?
ChatGPT would probably say "Definitely not!", but will we learn any lessons from the rush to regulate IoT in the past?...
Delivering trust with DNS security
Can DNS protection technology transform consumers’ worries about cybercrime with a trust-based approach?...
Surge in deceptive loan apps – Week in security with Tony Anscombe
ESET Research reveals details about a growth in the number of deceptive loan apps on Android, their origins and modus operandi....
Black Hat Europe 2023: The past could return to haunt you
Legacy protocols in the healthcare industry present dangers that can make hospitals extremely vulnerable to cyberattacks....
Silent but deadly: The rise of zero-click attacks
A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable....
OilRig’s persistent attacks using cloud service-powered downloaders
ESET researchers document a series of new OilRig downloaders, all relying on legitimate cloud service providers for C&C communications...
A pernicious potpourri of Python packages in PyPI
The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository...
To tap or not to tap: Are NFC payments safer?
Contactless payments are quickly becoming ubiquitous – but are they more secure than traditional payment methods?...
Navigating privacy: Should we put the brakes on car tracking?
Your car probably knows a lot more about you than it lets on – but is the trade-off of privacy for convenience truly justifiable?...
Teaching appropriate use of AI tech – Week in security with Tony Anscombe
Several cases of children creating indecent images of other children using AI software add to the worries about harmful uses of AI technology...
Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths
ESET researchers describe the growth of deceptive loan apps for Android and techniques they use to circumvent Google Play...
Very precisely lost – GPS jamming
The technology is both widely available and well developed, hence it's also poised to proliferate – especially in the hands of those wishing ill...
Executives behaving badly: 5 ways to manage the executive cyberthreat
Failing to practice what you preach, especially when you are a juicy target for bad actors, creates a situation fraught with considerable risk...
Telekopye's tricks of the trade – Week in security with Tony Anscombe
ESET's research team reveals details about the onboarding process of the Telekopye scam operation and the various methods that the fraudsters use to defraud people online...
Left to their own devices: Security for employees using personal devices for work
As personal devices within corporate networks make for a potentially combustible mix, a cavalier approach to BYOD security won’t cut it...
Retail at risk: Top threats facing retailers this holiday season
While it may be too late to introduce wholesale changes to your security policies, it doesn’t hurt to take a fresh look at where the biggest threats are and which best practices can help neutralize them...
‘Tis the season to be wary: 12 steps to ruin a cybercriminal's day
The holiday shopping season may be the time to splurge, but it’s a also favorite time of year for cybercriminals to target shoppers with phony deals, phishing scams and other threats...
Telekopye: Chamber of Neanderthals’ secrets
Insight into groups operating Telekopye bots that scam people in online marketplaces...
Your voice is my password
AI-driven voice cloning can make things far too easy for scammers – I know because I’ve tested it so that you don’t have to learn about the risks the hard way....
Fuel for thought: Can a driverless car get arrested?
What happens when problems caused by autonomous vehicles are not the result of errors, but the result of purposeful attacks?...
Safeguarding ports from the rising tide of cyberthreats – Week in security with Tony Anscombe
An attack against a port operator that ultimately hobbled some 40 percent of Australia’s import and export capacity highlights the kinds of supply chain shocks that a successful cyberattack can cause...
Say what you will? Your favorite speech-to-text app may be a privacy risk
Typing with your voice? It should go without saying that you need to take some precautions and avoid spilling your secrets....
Spyware disguised as a news app – Week in security with Tony Anscombe
The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware...
Level up! These games will make learning about cybersecurity fun
Discover six games that will provide valuable knowledge while turning learning about digital security into an enjoyable and rewarding adventure...
Capture the flag: 5 websites to sharpen your hacking skills
Through engaging hacking challenges and competitions, CTFs offer an excellent opportunity to test and enhance your security and problem-solving skills...
Cyber threat intelligence: Getting on the front foot against adversaries
By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk...
Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan
ESET researchers discovered Kamran, previously unknown malware, which spies on Urdu-speaking readers of Hunza News...
The mysterious demise of the Mozi botnet – Week in security with Tony Anscombe
Various questions linger following the botnet's sudden and deliberate demise, including: who actually initiated it?...