Cyber Security

Digital Security As is their wont, cybercriminals waste no time launching attacks that aim to cash in on the frenzy around the latest big thing – plus, what else to know before using DeepSeek 31 Jan 2025  •  , 4 min. read It’s become almost a cliché to say that cybercriminals are remarkably quick to

Business Security Don’t wait for a costly breach to provide a painful reminder of the importance of timely software patching Phil Muncaster 05 Feb 2025  •  , 5 min. read Vulnerability exploitation has long been a popular tactic for threat actors. But it’s becoming increasingly so – a fact that should alarm every network defender.

Deepfake fraud, synthetic identities, and AI-powered scams make identity theft harder to detect and prevent – here’s how to fight back Phil Muncaster 11 Feb 2025  •  , 4 min. read Artificial intelligence (AI) is transforming our world in ways both expected and unforeseen. For consumers, the technology means more accurately personalized digital content, better

WeLiveScience As AI advances at a rapid clip, reshaping industries, automating tasks, and redefining what machines can achieve, one question looms large: what remains uniquely human? 10 Feb 2025 In his talk, Neil Lawrence, the Deep Mind Professor of Machine Learning at the University of Cambridge, tackles the aforementioned fundamental question head-on. With a career

Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. After all, what better time to strike than when the potential victim is distracted by the possibility of getting a job? Since early 2024, ESET researchers have observed a series of malicious North Korea-aligned activities,

A North Korea-aligned activity cluster tracked by ESET as DeceptiveDevelopment drains victims’ crypto wallets and steals their login details from web browsers and password managers 20 Feb 2025 ESET researchers have observed a malicious campaign where North Korea-aligned threat actors, posing as headhunters, target freelance software developers with info-stealing malware. The activities – named DeceptiveDevelopment

Some employment scams take an unexpected turn as cybercriminals shift from “hiring” to “firing” staff Phil Muncaster 18 Feb 2025  •  , 5 min. read Most of us are in a job or looking for one. Or both. That’s largely why employment and work-from-home scams are so popular among cybercriminals (and even some state-aligned threat

Ever wondered what it’s like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security. 12 Feb 2025 What if breaking into computer systems, tricking people into handing over passwords, and even sneaking into buildings was part of your

WeLiveScience The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action 17 Feb 2025 Most people acknowledge that climate change is real and human-driven, yet many still struggle to see how it directly affects their lives. To bridge this gap, Dr. Katharine Hayhoe introduces a simple but powerful

Kids Online The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down 13 Feb 2025  •  , 5 min. read Historically, many video games followed a straightforward economic model: pay once, play forever. These days, however, purchasing a game is often just the beginning. At the

On October 28th, 2024, the Dutch National police, alongside the FBI, Eurojust, and several other law enforcement organizations, performed a takedown of the infamous RedLine Stealer malware-as-a-service (MaaS) operation, and its clone called META Stealer. This global effort, named Operation Magnus, resulted in the takedown of three servers in the Netherlands, the seizure of two

ESET Research, Threat Reports An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024 Jean-Ian Boutin 07 Nov 2024  •  , 3 min. read ESET APT Activity Report Q2 2024–Q3 2024 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented

We Live Science The trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversity 06 Nov 2024 Renowned ethologist and conservationist Jane Goodall offers a sobering, but hopeful reflection on the precarious state of our planet.

Video Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories 31 Oct 2024 With so much happening in the world of cybersecurity, staying on top of threats, breaches, scams, and industry insights can feel like a full-time job. So, let

Cybercrime You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it Phil Muncaster 29 Oct 2024  •  , 6 min. read How did 44% members of the European Parliament (MEPs) and 68% of British MPs

How To Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results. Márk Szabó 30 Oct 2024  •  , 4 min. read In today’s digital age, maintaining control over your personal information is more crucial than ever. Whether you’re concerned

In this blogpost, we provide a technical analysis of CloudScout, a post-compromise toolset used by Evasive Panda to target a government entity and a religious organization in Taiwan from 2022 to 2023. The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies. Through a plugin, CloudScout works

We Live Science As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts 28 Oct 2024 While carbon dioxide typically takes center stage in discussions about climate change, methane emissions have historically flown somewhat under the radar. So what’s

ESET Research Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world ESET Research 24 Oct 2024  •  , 1 min. read Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the

ESET researchers have discovered new Rust-based tooling leading to the deployment of Embargo ransomware. Embargo is a relatively new player in the ransomware scene, first observed by ESET in June 2024. The new toolkit consists of a loader and an EDR killer, named MDeployer and MS4Killer respectively by ESET. MS4Killer is particularly noteworthy as it

Scams Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers Phil Muncaster 21 Oct 2024  •  , 5 min. read In our hyper-connected world, technology has transformed the way we communicate, enabling us to connect with anyone, anywhere, at the touch of a

Video The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year 18 Oct 2024 As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according

Video, Kids Online “Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online – and even be the start of a predatory relationship 16 Oct 2024 “Hey, wanna chat?” What sounds like a casual and innocent phrase between adults can take a sinister

Scams Ever alert to fresh money-making opportunities, fraudsters are blending physical and digital threats to steal drivers’ payment details Phil Muncaster 15 Oct 2024  •  , 5 min. read Many countries and regions across the world have been moving quickly on electric cars in recent years. Around 14 million new cars were registered in 2023

Video ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities 11 Oct 2024 This week, ESET researchers published the results of their probe into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic

The growing popularity of online marketplaces has attracted fraudsters preying on unsuspecting buyers and sellers, looking to score payment card information rather than to strike a bargain. ESET researchers have found that one such organized scammer network – which uses Telekopye, a toolkit discovered by ESET Research in 2023 – has expanded its operations to

Business Security Could human risk in cybersecurity be managed with a cyber-rating, much like credit scores help assess people’s financial responsibility? Tony Anscombe 08 Oct 2024  •  , 5 min. read It’s undeniable that cyber insurance and cybersecurity are intrinsically linked. One requires the other, and they are a perfect pairing, even if they may

ESET researchers discovered a series of attacks on a governmental organization in Europe using tools capable of targeting air-gapped systems. The campaign, which we attribute to GoldenJackal, a cyberespionage APT group that targets government and diplomatic entities, took place from May 2022 to March 2024. By analyzing the toolset deployed by the group, we were

Video As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair 04 Oct 2024 Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new China-aligned APT group that

Digital Security Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices Tony Anscombe 01 Oct 2024  •  , 3 min. read As we enter October, governments, non-profit organizations, cybersecurity vendors and many companies with corporate social responsibility teams are all likely gearing up to push out some