Cyber Security

ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software ESET researchers have discovered a campaign that we attribute to the APT group known as Evasive Panda, where update channels of legitimate applications were mysteriously hijacked to

Before you rush to buy new hardware, try these simple tricks to get your machine up to speed again – and keep it that way. A slow-running computer can be a major headache, affecting your productivity and causing unnecessary stress. But before frustration kicks in and makes you run to buy a new machine, there

Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously

Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques

The legislation aims to bolster the Union’s cyber-resilience and enhance its capabilities to prepare for, detect and respond to incidents The European Union (EU) is transforming itself into a digitally aware, secure, and productive collective, with the aim of entering the 2030s as a relevant player within the digital sector. One of the base ideas

When decommissioning their old hardware, many companies ‘throw the baby out with the bathwater’ Taking a defunct router out of an equipment rack and sliding in a shiny new replacement is probably an everyday occurrence in many business networking environments. However, the fate of the router being discarded should be as important, if not more

The much-dreaded writer’s block isn’t the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers? Whether we like it or not, writers and bloggers are part of a community. And while we might write on totally different topics and espouse views from

Microsoft releases guidance on how organizations can check their systems for the presence of BlackLotus, a powerful threat first analyzed by ESET researchers Microsoft has released guidance on how organizations can detect BlackLotus, a powerful threat that was first analyzed by ESET researchers. BlackLotus is a UEFI bootkit that is capable of operating on Windows

Some sectors have high confidence in their in-house cybersecurity expertise, while others prefer to enlist the support of an external provider to keep their systems and data secured While threat detections continue to rise, the widening cybersecurity skills gap is leaving businesses exposed. It is an issue particularly felt by SMBs forced to rein in

Here’s how to choose the right password vault for you and what exactly to consider when weighing your options Wave after wave of new technologies have threatened to bring about the end of the password over the years. But none so far have succeeded. That leaves most users with a problem. Passwords are a potential

In a rush to file your taxes? Watch out for cybercriminals preying on stressed taxpayers as Tax Day looms large on the horizon. The IRS-approved tax return filing service eFile.com has been caught compromising people’s devices with malware for weeks, serving a strong reminder that cybercriminals are also well aware of the fact that it’s

Give your social media presence a good spring scrubbing, audit your passwords and other easy ways to bring order to your digital chaos Spring has sprung, the sun is out longer, and the birds’ chirping, peeping and tweeting in the trees have put that much-needed pep in your step. With the arrival of spring also

Do you know how many devices are connected to your home network? You don’t? This is precisely why it’s time for a network audit. The rite of spring cleaning is clearly good for your home and your mind and well-being, but trust me, your home network and all the devices connected to it could use

Spring is in the air and as the leaves start growing again, why not breathe some new life into the devices you depend on so badly? It’s spring time in the northern hemisphere, and chances are good that you have a whole new spring in your step (excuse the pun!) thanks to the weather becoming

ESET experts share their insights on the cyber-elements of the first year of the war in Ukraine and how a growing number of destructive malware variants tried to rip through critical Ukrainian systems With the Russian invasion on February 24th, 2022, the age of wipers seems to have arrived as a growing number of destructive

Today is World Backup Day, but maybe we also need a “did you test your backups” day? When did you last attempt to restore your data? Today is World Backup Day, but maybe we also need a “did you test your backups” day? Why is that? Because many people and organizations that do create backups

By failing to prepare you are preparing to fail. Make sure you’re able to bounce back if, or when, a data disaster strikes. “Backup refers to copying physical and virtual files, or databases, to a secondary location for preservation in case of equipment failure or catastrophe. Backing up data is pivotal to any successful disaster

How fraudsters groom their marks and move in for the kill using tricks from the playbooks of romance and investment scammers Sometimes you have to say things that go without saying: Social media and instant messaging have made staying in touch with friends easier than ever. These days, you’re never too far away from people

How content creators and subscribers can embrace the social media platform without (overly) exposing themselves to the potentially toxic brew of NSFW content and privacy threats By now you’ve most probably heard of, or possibly even use, OnlyFans. Launched in 2016, this subscription service for content creators gained momentum over the course of the pandemic

As TikTok CEO attempts to placate U.S. lawmakers, it’s time for us all to think about the wealth of personal information that TikTok and other social media giants collect about us TikTok CEO Shou Zi Chew has appeared before the U.S. Congress to give his take on the app’s data security and privacy practices and

Here are some of the key moments from the five hours of Shou Zi Chew’s testimony and other interesting news on the data privacy front As the controversy surrounding TikTok continues, the app’s CEO Shou Zi Chew appeared before the U.S. Congress to explain the app’s data privacy and security practices. Here are some of

Why your organization should consider an MDR solution and five key things to look for in a service offering The threat landscape is evolving at breakneck speed and corporate cyberattack surfaces expand, with many trends and developments kicked into overdrive as a result of the surge in digital transformation investments during and after the COVID-19

Twitter’s ditching of free text-message authentication doesn’t mean that you should forgo using 2FA. Instead, switch to another – and, indeed, better – 2FA option. Starting today, Twitter is disabling SMS-based two-factor authentication (2FA) for all but paying users following a decision that, not unlike other recent moves by the social media giant, has been

Scammers are looking to cash in on the chaos that has set in following the startling meltdowns of Silicon Valley Bank and Signature Bank and the crisis at Credit Suisse When mayhem, panic and chaos set in – as has been the case following the meltdowns of Silicon Valley Bank (SVB) and Signature Bank and

How cybercriminals can exploit Silicon Valley Bank’s downfall for their own ends – and at your expense Big news events and major crises usually trigger an avalanche of follow-on phishing attempts. The COVID-19 pandemic and Russia’s invasion of Ukraine are perhaps the most obvious examples, but the most recent one is the collapse of Silicon

ESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR to steal cryptocurrency funds ESET researchers have discovered dozens of copycat Telegram and WhatsApp websites targeting mainly Android and Windows users with trojanized versions of these instant messaging apps. Most of the malicious apps we identified are clippers –

ESET Research uncovered a campaign by APT group Tick against a data-loss prevention company in East Asia and found a previously unreported tool used by the group ESET researchers discovered a campaign that we attribute with high confidence to the APT group Tick. The incident took place in the network of an East Asian company

Here’s how to know you have fallen victim to a scam – and what to do in order to undo or mitigate the damage. Online fraud can be thought of as a price we pay for the ubiquity of digital services. These services make our lives easier, healthier, safer and more entertaining. But there are

Here’s a roundup of some of the most common tricks that fraudsters use to dupe their victims on WhatsApp – and what you can do to protect yourself against them. With more than two billion users, WhatsApp offers a vast pool of potential targets for scammers. To make things more complicated, fraudsters aren’t known for

A request to move an online conversation to a supposedly more secure platform may not be as well-meaning as it sounds Have you ever been asked to move an online conversation to another – and supposedly more secure – platform? This technique, often used by romance scammers, was recently used against a number of Indian