Cyber Security

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves Bullying of any kind can have a devastating impact on the victim’s well-being and life. Physical bullying, also known as face-to-face or in-person bullying, is still an issue in schools, with many researchers saying that its long-term

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans? Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups? This week, ESET researchers revealed how an updated version of Android GravityRAT spyware is being spread as free messaging

While not a ‘get out of jail free card’ for your business, cyber insurance can help insulate it from the financial impact of a cyber-incident Cyber risk is on the rise as the combined impact of surging threat levels, expanding attack surfaces and security skills shortages are putting organizations at a disadvantage. Faced with an

A curious case of a threat actor at the border between crimeware and cyberespionage Asylum Ambuscade is a cybercrime group that has been performing cyberespionage operations on the side. They were first publicly outed in March 2022 by Proofpoint researchers after the group targeted European government staff involved in helping Ukrainian refugees, just a few

A crimeware group that usually targets individuals and SMBs in North America and Europe adds cyberespionage to its activities It’s rather rare to find a cybercrime group that ventures into cyberespionage, which alone makes new ESET research all the more interesting. According to ESET experts, a cybercrime group known as Asylum Ambuscade – which usually

Plus, 7 ways to tell that you downloaded a sketchy app and 7 tips for staying safe from mobile security threats in the future You’ve just downloaded a new mobile game, cryptocurrency wallet, or fitness app, but something isn’t right. Your phone’s screen is swamped by annoying ads, the app is not doing what you

How  your voice assistant could do the bidding of a hacker – without you ever hearing a thing Regular WeLiveSecurity readers won’t be stunned to read that cyberattacks and their methods keep evolving as bad actors continue to enhance their repertoire. It’s also become a common refrain that as security vulnerabilities are found and patched

Given the reliance of today’s digital world on APIs and the fact that attacks targeting them continue to rise sharply, API security cannot be an afterthought. Given the increasing reliance of today’s digital world on APIs and the fact that cyberattacks targeting them continue to rise sharply, API security cannot be an afterthought. Here is

A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys They hacked into corporate emails, stole money from people and businesses, and tricked others into transferring the loot. Nigerian nationals Solomon Ekunke Okpe and Johnson Uke Obogo ran a sophisticated fraud scheme

As APIs are a favorite target for threat actors, the challenge of securing the glue that holds various software elements together is taking on increasing urgency The application programming interface (API) is an unsung hero of the digital revolution. It provides the glue that sticks together diverse software components in order to create new user

A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms Social media sites are a near-bottomless source of information that almost anyone can use for security and intelligence research, as well as for marketing campaigns. The platforms allow anybody to

ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate

ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families In this blogpost we examine the operation of AceCryptor, originally documented by Avast. This cryptor has been around since 2016 and because – throughout its existence – it has been used to pack tens of malware families,

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business Approximately one in seven people in Europe and the United States are self-employed, often realizing their dream to be in charge of their own destiny and having more freedom and control over their careers. But

ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio ESET researchers have discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. The app, named iRecorder – Screen Recorder, was initially uploaded to the store without malicious

Don’t download software from non-reputable websites and sketchy links – you might be in for more than you bargained for Chances are good that you have, at some point, searched for free stuff online, including software, movies, TV shows, or live streams of sports matches. But the truth is that this search for “free” may

Before rushing to embrace the LLM-powered “hire”, make sure your organization has safeguards in place to avoid putting its business and customer data at risk Chatbots powered by large language models (LLMs) are not just the world’s new favorite pastime. The technology is increasingly being recruited to boost workers’ productivity and efficiency, and given its

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet Internet security is a constant concern for technology and cybersecurity professionals. With the ever-increasing number of online devices and services, it is important to have a clear and accurate view

Why do people still download files from sketchy places and get compromised as a result? One of the pieces of advice that security practitioners have been giving out for the past couple of decades, if not longer, is that you should only download software from reputable sites. As far as computer security advice goes, this

As the war shows no signs of ending and cyber-activity by states and criminal groups remains high, conversations around the cyber-resilience of critical infrastructure have never been more vital A number of security practitioners, policymakers, law enforcement professionals and other experts from various countries gathered in Warsaw, Poland, on May 10th, 2023, to discuss how

Strike a balance between making the internet a safer place for your children and giving them the freedom to explore, learn and socialize There was a time when parents didn’t have to worry much about their children’s digital activities. A single, centralized computer in the house was the only gateway to the internet, and could

What have some of the world’s most infamous advanced threat actors been up to and what might be the implications of their activities for your business? This week, ESET researchers released a new issue of the APT Activity Report that looks at the activities of selected advanced persistent threat (APT) groups from October 2022 to

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2022 and Q1 2023 ESET APT Activity Report Q4 2022–Q1 2023 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from October 2022 until the end of March 2023. Attentive

Have your cake and eat it too – enjoy some of what the online world has to offer without always giving out your contact details We’ve all lost count of how many times we’ve entered our email address and phone number to sign up for an online service, access a website or an app, read

Don’t torture people with exceedingly complex password composition rules but do blacklist commonly used passwords, plus other ways to help people help themselves – and your entire organization When engineer Bill Burr from the U.S. National Institute of Standards and Technology (NIST) wrote in 2003 what would soon become the world’s gold standard for password

The recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providers Managed service providers (MSPs) that don’t consider themselves targets for state-aligned threat actors may need to think again. While many people

It’s all fun and games until someone gets hacked – here’s what to know about, and how to avoid, threats lurking on the social media juggernaut There are several tools or software applications that enable us to stay connected with our fellow teammates even during gameplay, with the best of them having a low impact

A quick dive into the murky world of cyberespionage and other growing threats facing managed service providers – and their customers ESET telemetry from Q4 2022 saw the start of a new campaign by MuddyWater, a cyberespionage group linked to Iran’s Ministry of Intelligence and Security (MOIS) and active since at least 2017. The group

The importance of understanding – and prioritizing – the privacy and security implications of large language models like ChatGPT cannot be overstated Thousands of security professionals descended on San Francisco this week to attend RSA Conference, the world’s leading gathering of the security community. What was the hottest topic at the event? You guessed it

As all things (wrongly called) AI take the world’s biggest security event by storm, we round up of some of their most-touted use cases and applications Okay, so there’s this ChatGPT thing layered on top of AI – well, not really, it seems even the practitioners responsible for some of the most impressive machine learning