Cyber Security

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tool are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since July 2022, respectively, the campaigns have distributed the Android BadBazaar espionage code through the Google Play store, Samsung Galaxy Store, and dedicated

Video ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites 31 Aug 2023 ESET researchers have uncovered two active campaigns targeting Android users and spreading the BadBazaar espionage code through the Google Play store, Samsung Galaxy Store, and dedicated websites. The

ESET Research Listen as ESET’s Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus ESET Research 10 Aug 2023 Press play to learn about the intricate workings of MoustachedBouncer, an advanced persistent threat (APT) group discovered by ESET and first

Business Security New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought Phil Muncaster 06 Sep 2023  •  , 4 min. read Law enforcement remains an integral part of the fight against agile and increasingly well-resourced adversaries. Consumers and businesses, too, can

ESET researchers discovered a Ballistic Bobcat campaign targeting various entities in Brazil, Israel, and the United Arab Emirates, using a novel backdoor we have named Sponsor. We discovered Sponsor after we analyzed an interesting sample we detected on a victim’s system in Israel in May 2022 and scoped the victim-set by country. Upon examination, it

Video The update to X’s privacy policy has sparked some questions among privacy and security folks, including how long X will retain users’ biometric information and how the data will be stored and secured 08 Sep 2023 Will you give X your biometric data in order to help secure your account on the site? The

ESET Research Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims ESET Research 12 Sep 2023 Sextortion emails and other text-based threats have been on a massive increase in H1 2023 and the question remains why. Are criminals just lazy? Are they trying

Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft? Total identity fraud losses in the US were estimated at a whopping $43bn last year. While many of us are getting savvier about how we protect our personal information online, can

There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud As European football teams prepare to kick-off their summer soccer tours in the USA it provides a huge opportunity for local fans to see some of the top teams and players in

Here’s how cybercriminals have adjusted their tactics in response to Microsoft’s stricter security policies and other interesting findings from ESET’s new Threat Report This week, the ESET research team released the H1 2023 ESET Threat Report that examines the key trends and developments that shaped the cybersecurity landscape from December 2022 to May 2023. Among

A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts We are pleased to present the latest issue of ESET Threat Report, which brings changes aimed at making its contents more engaging and accessible. One notable modification is our new approach

Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar? It all began innocently enough when a Tesla employee received an invitation from a former associate to catch up over drinks. Several wining and dining sessions later, the old acquaintance made his real intentions

A story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat Towards the end of 2022 an unknown threat actor boasted on an underground forum that they’d created a new and powerful UEFI bootkit called BlackLotus. Its most distinctive feature? It could bypass UEFI Secure Boot

Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide Originally a banking trojan, Emotet later evolved into a botnet that went on to become one of the most prevalent cyberthreats worldwide – until it was taken down by an international law

A brief summary of what happened with Emotet since its comeback in November 2021 Emotet is a malware family active since 2014, operated by a cybercrime group known as Mealybug or TA542. Although it started as a banking trojan, it later evolved into a botnet that became one of the most prevalent threats worldwide. Emotet

Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The U.S. Federal Bureau of Investigation (FBI) is warning about an increase in extortion campaigns where criminals tap into readily available artificial intelligence (AI) tools to create sexually explicit deepfakes from people’s innocent photos and

Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents Contrary to common perception, small and medium-sized businesses (SMBs) are often the target of cyberattacks. That’s understandable, as in the US and UK, they comprise over 99% of businesses, a majority of

The growing use of synthetic media and difficulties in distinguishing between real and fake content raises a slew of legal and ethical questions The news cycle is awash with articles about (what’s not always rightly called) artificial intelligence – some good, some bad, and some ugly. The fact that some individuals are using readily available

While employee monitoring software may boost productivity, it may also be a potential privacy minefield and it can affect your relationship with your employees Things may not always run smoothly in the workplace and bosses and workers may not always see eye to eye on many things. But there may be another “threat” in town:

The beginning of the summer break is the perfect time for parents to remind their children about the importance of safe online habits The sun’s out, and so is school. But despite our best efforts, the chances are that our children will spend the coming summer holiday period glued to their devices. Depending on their

Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware Over the past 10-plus years, modern smartphones and other portable devices have become our constant companions. These days, smartphones let us do much more than make phone calls or send text messages. Mobile technology puts the world

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government The US government is now offering a $10 million reward for information linking the Cl0p ransomware gang or other threat actors targeting US critical infrastructure to a foreign government. This is after Cl0p

A primer on how to use this powerful tool for uncovering and connecting information from publicly available sources It’s a truism that personal data is a valuable asset for cybercriminals, as it allows them to tailor and otherwise improve their phishing and other social engineering attacks. The wealth and variety of personal data that is

From bogus free trips to fake rental homes, here are some of the most common online threats you should look out for both before and during your travels As the mercury rises and we look forward to vacationing in sunnier climbs, it’s also time to keep one eye peeled for internet scams and cyberthreats. Travel

With passkeys poised for prime time, passwords seem passé. What are the main benefits of ditching one in favor of the other? Chances are good that many of us have had enough of passwords. In a world where we have to manage access for scores of online accounts, passwords no longer seem fit for purpose.

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files ESET researchers have identified an updated version of Android GravityRAT spyware being distributed as the messaging apps BingeChat and Chatico. GravityRAT is a remote access tool known to be used since at least

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves Bullying of any kind can have a devastating impact on the victim’s well-being and life. Physical bullying, also known as face-to-face or in-person bullying, is still an issue in schools, with many researchers saying that its long-term

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans? Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups? This week, ESET researchers revealed how an updated version of Android GravityRAT spyware is being spread as free messaging

While not a ‘get out of jail free card’ for your business, cyber insurance can help insulate it from the financial impact of a cyber-incident Cyber risk is on the rise as the combined impact of surging threat levels, expanding attack surfaces and security skills shortages are putting organizations at a disadvantage. Faced with an

A curious case of a threat actor at the border between crimeware and cyberespionage Asylum Ambuscade is a cybercrime group that has been performing cyberespionage operations on the side. They were first publicly outed in March 2022 by Proofpoint researchers after the group targeted European government staff involved in helping Ukrainian refugees, just a few