Internet Security
Jane Goodall: Reasons for hope | Starmus highlights
The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity...
Life on a crooked RedLine: Analyzing the infamous infostealer’s backend
Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules...
ESET APT Activity Report Q2 2024–Q3 2024
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024...
Month in security with Tony Anscombe – October 2024 edition
Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories...
How to remove your personal information from Google Search results
Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results....
Tony Fadell: Innovating to save our planet | Starmus highlights
As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts...
ESET Research Podcast: CosmicBeetle
Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world...
Threat actors exploiting zero-days faster than ever – Week in security with Tony Anscombe
The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year...
CloudScout: Evasive Panda scouting cloud services
ESET researchers discovered a previously undocumented toolset used by Evasive Panda to access and retrieve data from cloud services...
Don't become a statistic: Tips to help keep your personal data off the dark web
You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it...
Google Voice scams: What are they and how do I avoid them?
Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers...
Protecting children from grooming | Unlocked 403 cybersecurity podcast (ep. 7)
“Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online – and even be the start of a predatory relationship...
Embargo ransomware: Rock’n’Rust
Novice ransomware group Embargo is testing and deploying a new Rust-based toolkit...
GoldenJackal jumps the air gap … twice – Week in security with Tony Anscombe
ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities...
Quishing attacks are targeting electric car owners: Here’s how to slam on the brakes
Ever alert to fresh money-making opportunities, fraudsters are blending physical and digital threats to steal drivers’ payment details...
Aspiring digital defender? Explore cybersecurity internships, scholarships and apprenticeships
The world needs more cybersecurity professionals – here are three great ways to give you an ‘in’ to the ever-growing and rewarding security industry...
Cyber insurance, human risk, and the potential for cyber-ratings
Could human risk in cybersecurity be managed with a cyber-rating, much like credit scores help assess people’s financial responsibility?...
The complexities of attack attribution – Week in security with Tony Anscombe
Attributing a cyberattack to a specific threat actor is a complex affair, as evidenced by new ESET research published this week...
Telekopye transitions to targeting tourists via hotel booking scam
ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms...
Mind the (air) gap: GoldenJackal gooses government guardrails
ESET Research analyzed two separate toolsets for breaching air-gapped systems, used by a cyberespionage threat actor known as GoldenJackal...
Why system resilience should mainly be the job of the OS, not just third-party applications
Building efficient recovery options will drive ecosystem resilience...
Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
ESET Research details the tools and activities of a new China-aligned threat actor, CeranaKeeper, focusing on massive data exfiltration in Southeast Asia...
Gamaredon's operations under the microscope – Week in security with Tony Anscombe
ESET research examines the group's malicious wares as used to spy on targets in Ukraine in the past two years...
Cybersecurity Awareness Month needs a radical overhaul – it needs legislation
Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices...
Don’t panic and other tips for staying safe from scareware
Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics...
FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe
With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process...
Time to engage: How parents can help keep their children safe on Snapchat
Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app...
Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)
How do analyst relations professionals sort through the noise to help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out....
Understanding cyber-incident disclosure
Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help...
CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe
ESET researchers also find that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends...
Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023
ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused on Ukraine...
ESET Research Podcast: EvilVideo
ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos...
AI security bubble already springing leaks
Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one...
6 common Geek Squad scams and how to defend against them
Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks...
Bitcoin ATM scams skyrocket – Week in security with Tony Anscombe
The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams...
ESET Research Podcast: HotPage
ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver...
CosmicBeetle steps up: Probation period at RansomHub
CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate...
Stealing cash using NFC relay – Week in Security with Tony Anscombe
The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become...
In plain sight: Malicious ads hiding in search results
Sometimes there’s more than just an enticing product offer hiding behind an ad...
The key considerations for cyber insurance: A pragmatic approach
Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options...
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
Demystifying CVE-2024-7262 and CVE-2024-7263...
PWA phishing on Android and iOS – Week in security with Tony Anscombe
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security...
Old devices, new dangers: The risks of unsupported IoT tech
In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors...
Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep. 5)
The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure...
How regulatory standards and cyber insurance inform each other
Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with...
How a BEC scam cost a company $60 million – Week in security with Tony Anscombe
Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme...
NGate Android malware relays NFC traffic to steal cash
Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM...
The great location leak: Privacy risks in dating apps
What if your favorite dating, social media or gaming app revealed your exact coordinates to someone you’d rather keep at a distance?...
Be careful what you pwish for – Phishing in PWA applications
ESET analysts dissect a novel phishing method tailored to Android and iOS users...
Black Hat USA 2024 recap – Week in security with Tony Anscombe
Unsurprisingly, many discussions revolved around the implications of the CrowdStrike outage, including the lessons it may have offered for bad actors...
Black Hat USA 2024: All eyes on election security
In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated...
Why scammers want your phone number
Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data...
Black Hat USA 2024: How cyber insurance is shaping cybersecurity strategies
Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards...
Top 6 Craigslist scams: Don’t fall for these tricks
Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun...
Why tech-savvy leadership is key to cyber insurance readiness
Having knowledgeable leaders at the helm is crucial for protecting the organization and securing the best possible cyber insurance coverage...
AI and automation reducing breach costs – Week in security with Tony Anscombe
Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by $2.22 million compared to those that didn't deploy these technologies...
The cyberthreat that drives businesses towards cyber risk insurance
Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide...
Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe
Attackers abusing the EvilVideo vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files...
Beware of fake AI tools masking very real malware threats
Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants...
Phishing targeting Polish SMBs continues via ModiLoader
ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families...
Building cyber-resilience: Lessons learned from the CrowdStrike incident
Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to attribute the IT meltdown to exceptional circumstances...
Beyond the blue screen of death: Why software updates matter
The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s why you shouldn’t dread them....
How a signed driver exposed users to kernel-level threats – Week in Security with Tony Anscombe
A purported ad blocker marketed as a security solution leverages a Microsoft-signed driver that inadvertently exposes victims to dangerous threats...
The complexities of cybersecurity update processes
If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike...
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos...
The tap-estry of threats targeting Hamster Kombat players
ESET researchers have discovered threats abusing the success of the Hamster Kombat clicker game...
Hello, is it me you’re looking for? How scammers get your phone number
Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters....
Should ransomware payments be banned? – Week in security with Tony Anscombe
Blanket bans on ransomware payments are a much-debated topic in cybersecurity and policy circles. What are the implications of outlawing the payments, and would the ban be effective?...
Understanding IoT security risks and how to mitigate them | Unlocked 403 cybersecurity podcast (ep. 4)
As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?...
HotPage: Story of a signed, vulnerable, ad-injecting driver
A study of a sophisticated Chinese browser injector that leaves more doors open!...
Social media and teen mental health – Week in security with Tony Anscombe
Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?...
5 common Ticketmaster scams: How fraudsters steal the show
Scammers gonna scam scam scam, so before hunting for your tickets to a Taylor Swift gig or other in-demand events, learn how to stop fraudsters from leaving a blank space in your bank account...
Small but mighty: Top 5 pocket-sized gadgets to boost your ethical hacking skills
These five formidable bits of kit can assist cyber-defenders in spotting chinks in corporate armor and help hobbyist hackers deepen their understanding of cybersecurity...
Key trends shaping the threat landscape in H1 2024 – Week in security with Tony Anscombe
Learn about the types of threats that 'topped the charts' and the kinds of techniques that bad actors leveraged most commonly in the first half of this year...
AI in the workplace: The good, the bad, and the algorithmic
While AI can liberate us from tedious tasks and even eliminate human error, it's crucial to remember its weaknesses and the unique capabilities that humans bring to the table...
No room for error: Don’t get stung by these common Booking.com scams
From sending phishing emails to posting fake listings, here’s how fraudsters hunt for victims while you’re booking your well-earned vacation...
Cyber insurance as part of the cyber threat mitigation strategy
Why organizations of every size and industry should explore their cyber insurance options as a crucial component of their risk mitigation strategies...
The long-tail costs of a data breach – Week in security with Tony Anscombe
Understanding and preparing for the potential long-tail costs of data breaches is crucial for businesses that aim to mitigate the impact of security incidents...
Buying a VPN? Here’s what to know and look for
VPNs are not all created equal – make sure to choose the right provider that will help keep your data safe from prying eyes...
ESET Threat Report H1 2024
A view of the H1 2024 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts...
Hijacked: How hacked YouTube channels spread scams and malware
Here’s how cybercriminals go after YouTube channels and use them as conduits for fraud – and what you should watch out for when watching videos on the platform...
My health information has been stolen. Now what?
As health data continues to be a prized target for hackers, here's how to minimize the fallout from a breach impacting your own health records...
Hacktivism is evolving – and that could be bad news for organizations everywhere
Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent threat...
How Arid Viper spies on Android users in the Middle East – Week in security with Tony Anscombe
The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app...
Preventative defense tactics in the real world
Don’t get hacked in the first place – it costs far less than dealing with the aftermath of a successful attack...
ESET Research Podcast: APT Activity Report Q4 2023–Q1 2024
The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023...
Arid Viper poisons Android apps with AridSpy
ESET researchers discovered Arid Viper espionage campaigns spreading trojanized apps to Android users in Egypt and Palestine...
WeLiveSecurity wins Best Cybersecurity Vendor Blog award!
The results of the 2024 European Cybersecurity Blogger Awards are in and the winner of the Best Cybersecurity Vendor Blog is... drumroll, please... WeLiveSecurity!...
560 million Ticketmaster customer data for sale? – Week in security with Tony Anscombe
Ticketmaster seems to have experienced a data breach, with the ShinyHunters hacker group claiming to have exfiltrated data on 560 million customers...
The job hunter’s guide: Separating genuine offers from scams
$90,000/year, full home office, and 30 days of paid leave for a junior data analyst – what's not to like? Except that these kinds of job offers are only intended to trick unsuspecting victims into giving up their data....
What happens when facial recognition gets it wrong – Week in security with Tony Anscombe
A facial recognition system misidentifies a woman in London as a shoplifter, igniting fresh concerns over the technology's accuracy and reliability...
The murky world of password leaks – and how to check if you’ve been hit
Password leaks are increasingly common and figuring out whether the keys to your own kingdom have been exposed might be tricky – unless you know where to look...
AI in HR: Is artificial intelligence changing how we hire employees forever?
Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?...
ESET World 2024: Big on prevention, even bigger on AI
What is the state of artificial intelligence in 2024 and how can AI level up your cybersecurity game? These hot topics and pressing questions surrounding AI were front and center at the annual conference....
Mandatory reporting of ransomware attacks? – Week in security with Tony Anscombe
As the UK mulls new rules for ransomware disclosure, what would be the wider implications of such a move, how would cyber-insurance come into play, and how might cybercriminals respond?...
Beyond the buzz: Understanding AI and its role in cybersecurity
A new white paper from ESET uncovers the risks and opportunities of artificial intelligence for cyber-defenders...
Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries
Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and applying structs to strings...
What happens when AI goes rogue (and how to stop it)
As AI gets closer to the ability to cause physical harm and impact the real world, “it’s complicated” is no longer a satisfying response...
The who, where, and how of APT attacks – Week in security with Tony Anscombe
This week, ESET experts released several research publications that shine the spotlight on a number of notable campaigns and broader developments on the threat landscape...
Untangling the hiring dilemma: How security solutions free up HR processes
The prerequisites for becoming a security elite create a skills ceiling that is tough to break through – especially when it comes to hiring skilled EDR or XDR operators. How can businesses crack this conundrum?...