Cyber Security

A North Korea-aligned activity cluster tracked by ESET as DeceptiveDevelopment drains victims’ crypto wallets and steals their login details from web browsers and password managers 20 Feb 2025 ESET researchers have observed a malicious campaign where North Korea-aligned threat actors, posing as headhunters, target freelance software developers with info-stealing malware. The activities – named DeceptiveDevelopment

Some employment scams take an unexpected turn as cybercriminals shift from “hiring” to “firing” staff Phil Muncaster 18 Feb 2025  •  , 5 min. read Most of us are in a job or looking for one. Or both. That’s largely why employment and work-from-home scams are so popular among cybercriminals (and even some state-aligned threat

Ever wondered what it’s like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security. 12 Feb 2025 What if breaking into computer systems, tricking people into handing over passwords, and even sneaking into buildings was part of your

WeLiveScience The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action 17 Feb 2025 Most people acknowledge that climate change is real and human-driven, yet many still struggle to see how it directly affects their lives. To bridge this gap, Dr. Katharine Hayhoe introduces a simple but powerful

Kids Online The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down 13 Feb 2025  •  , 5 min. read Historically, many video games followed a straightforward economic model: pay once, play forever. These days, however, purchasing a game is often just the beginning. At the

On October 28th, 2024, the Dutch National police, alongside the FBI, Eurojust, and several other law enforcement organizations, performed a takedown of the infamous RedLine Stealer malware-as-a-service (MaaS) operation, and its clone called META Stealer. This global effort, named Operation Magnus, resulted in the takedown of three servers in the Netherlands, the seizure of two

ESET Research, Threat Reports An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024 Jean-Ian Boutin 07 Nov 2024  •  , 3 min. read ESET APT Activity Report Q2 2024–Q3 2024 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented

We Live Science The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity 06 Nov 2024 Renowned ethologist and conservationist Jane Goodall offers a sobering, but hopeful reflection on the precarious state of our planet.

Video Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories 31 Oct 2024 With so much happening in the world of cybersecurity, staying on top of threats, breaches, scams, and industry insights can feel like a full-time job. So, let

Cybercrime You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it Phil Muncaster 29 Oct 2024  •  , 6 min. read How did 44% members of the European Parliament (MEPs) and 68% of British MPs

How To Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results. Márk Szabó 30 Oct 2024  •  , 4 min. read In today’s digital age, maintaining control over your personal information is more crucial than ever. Whether you’re concerned

In this blogpost, we provide a technical analysis of CloudScout, a post-compromise toolset used by Evasive Panda to target a government entity and a religious organization in Taiwan from 2022 to 2023. The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies. Through a plugin, CloudScout works

We Live Science As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts 28 Oct 2024 While carbon dioxide typically takes center stage in discussions about climate change, methane emissions have historically flown somewhat under the radar. So what’s

ESET Research Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world ESET Research 24 Oct 2024  •  , 1 min. read Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the

ESET researchers have discovered new Rust-based tooling leading to the deployment of Embargo ransomware. Embargo is a relatively new player in the ransomware scene, first observed by ESET in June 2024. The new toolkit consists of a loader and an EDR killer, named MDeployer and MS4Killer respectively by ESET. MS4Killer is particularly noteworthy as it

Scams Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers Phil Muncaster 21 Oct 2024  •  , 5 min. read In our hyper-connected world, technology has transformed the way we communicate, enabling us to connect with anyone, anywhere, at the touch of a

Video The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year 18 Oct 2024 As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according

Video, Kids Online “Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online – and even be the start of a predatory relationship 16 Oct 2024 “Hey, wanna chat?” What sounds like a casual and innocent phrase between adults can take a sinister

Scams Ever alert to fresh money-making opportunities, fraudsters are blending physical and digital threats to steal drivers’ payment details Phil Muncaster 15 Oct 2024  •  , 5 min. read Many countries and regions across the world have been moving quickly on electric cars in recent years. Around 14 million new cars were registered in 2023

Video ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities 11 Oct 2024 This week, ESET researchers published the results of their probe into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic

The growing popularity of online marketplaces has attracted fraudsters preying on unsuspecting buyers and sellers, looking to score payment card information rather than to strike a bargain. ESET researchers have found that one such organized scammer network – which uses Telekopye, a toolkit discovered by ESET Research in 2023 – has expanded its operations to

Business Security Could human risk in cybersecurity be managed with a cyber-rating, much like credit scores help assess people’s financial responsibility? Tony Anscombe 08 Oct 2024  •  , 5 min. read It’s undeniable that cyber insurance and cybersecurity are intrinsically linked. One requires the other, and they are a perfect pairing, even if they may

ESET researchers discovered a series of attacks on a governmental organization in Europe using tools capable of targeting air-gapped systems. The campaign, which we attribute to GoldenJackal, a cyberespionage APT group that targets government and diplomatic entities, took place from May 2022 to March 2024. By analyzing the toolset deployed by the group, we were

Video As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair 04 Oct 2024 Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new China-aligned APT group that

Digital Security Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices Tony Anscombe 01 Oct 2024  •  , 3 min. read As we enter October, governments, non-profit organizations, cybersecurity vendors and many companies with corporate social responsibility teams are all likely gearing up to push out some

ESET researchers observed several campaigns targeting governmental institutions in Thailand, starting in 2023. These attacks leveraged revamped versions of components previously attributed by other researchers to the China-aligned advanced persistent threat (APT) group Mustang Panda, and later, a new set of tools that abuse service providers such as Pastebin, Dropbox, OneDrive, and GitHub to execute

Business Security Building efficient recovery options will drive ecosystem resilience Tony Anscombe 01 Oct 2024  •  , 4 min. read Last week, a US congressional hearing regarding the CrowdStrike incident in July saw one of the company’s executives answer questions from policy makers. One point that caught my interest during the ensuing debate was the

Video ESET research examines the group’s malicious wares as used to spy on targets in Ukraine in the past two years 27 Sep 2024 This week, ESET researchers published an extensive analysis of the tools and techniques of Gamaredon, a Russia-aligned threat actor that is currently the most active APT group in Ukraine. Their research

ESET Research ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine Zoltán Rusnák 26 Sep 2024  •  , 5 min. read The war in Ukraine, which started in February 2014 and intensified with Russia’s invasion of the country on February 24th, 2022, exemplifies a

Digital Security Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics Phil Muncaster 25 Sep 2024  •  , 5 min. read We live in fast-paced and often worrying times, and fraudsters are primed to take advantage. Fear can be a powerful weapon and scammers know