Cyber Security

Don’t be the next victim – here’s what to know about some of the most common tricks that scammers use on the payment app Today’s consumers have a wealth of choice when it comes to paying and sending money online. A range of slick digital payment apps have emerged over recent years to make the

It is now acceptable to find a job on a dating app! As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create

Hybrid work and hybrid play now merge into hybrid living, but where is the line between the two? Is there one? That the COVID-19 pandemic brought a new normal to businesses, educational institutions, and our everyday lives is an understatement. Many interactions, whether work-related or personal, moved online or at least gained a virtual mirror.

StrongPity’s backdoor is fitted with various spying features and can record phone calls, collect texts, and gather call logs and contact lists This week, the ESET research team published their findings about an espionage campaign by the StrongPity APT group that spreads a fully functional, but trojanized version of the legitimate Telegram app for Android.

ESET Research announces IPyIDA 2.0, a Python plugin integrating IPython and Jupyter Notebook into IDA IDA Pro from Hex-Rays is probably the most popular tool today for reverse-engineering software. For ESET researchers, this tool is a favorite disassembler and has inspired the development of the IPyIDA plugin that embeds an IPython kernel into IDA Pro. Under

A new law portends a future where (we hope) it will be easier for us all to repair, fix, upgrade, and just tinker with things we already own Want to secure, patch, upgrade, or modify tech you own? You may not be able to, if some manufacturers have anything to say about it. They view

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious

Learning meets fun at the 2022 SANS Holiday Hack Challenge – strap yourself in for a crackerjack ride at the North Pole as I foil Grinchum’s foul plan and recover the five golden rings This is my first year participating in the SANS Holiday Hack Challenge and it was a blast. Through a series of

Do you use any of these extremely popular – and eminently hackable – passwords? If so, we have a New Year’s resolution for you. Security experts have been predicting the death of the password for well over a decade. But it’s still the main way we log-in to our online accounts and mobile applications. Why?

Why schools, hospitals, local governments and other public sector organizations are in a sweet spot for ransomware attacks Why are schools, hospitals and local governments firmly in the crosshairs of cybercriminals and why do public-sector entities fall into a sweet spot for ransomware attacks? What are the latest trends on the ransomware scene? A report

Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. Telehealth services were one of the tech success stories of the COVID-19 pandemic. Just as cloud-based services helped suddenly locked-down workers to stay productive, telemedicine consultations ensured

With many children spending a little too much time playing video games, learn to spot the signs things may be spinning out of control Across Europe, half of the population aged 6-64 plays video games, according to industry body ISFE. The number rises significantly for 6-10-year-olds (68%), and those aged 11-14 (79%) and 15-24 (72%).

What are some of the key cybersecurity trends and themes that organizations should have on their radars in 2023? As another eventful year comes to a close, it’s time not only to take stock of and reflect on the defining moments of 2022, but especially to look ahead to the challenges that are likely to

The past year has seen no shortage of disruptive cyberattacks – here’s a round-up of some of the worst hacks and breaches that have impacted a variety of targets around the world in 2022 The past year has seen the global economy lurch from one crisis to another. As COVID-19 finally began to recede in

It’s all fun and games over the holidays, but is your young gamer safe from the darker side of the action? As Christmas draws nearer, parents are handling a barrage of requests from their kids for the latest gaming titles and consoles. Despite gathering macro-economic headwinds, US consumers are set to increase their total retail

Give yourself peace of mind and help create a safe online space for your child using Android or iOS parental controls So you’re about to give your kid their first smartphone. While your child will be over the moon with their shiny new device, you begin to wonder how to stop the kid from spending

ESET experts offer their reflections on what the continued blurring of boundaries between different spheres of life means for our human and social experience – and especially our cybersecurity and privacy The future isn’t what it used to be. This adage, if a little trite, has taken on a whole new meaning after our lives

The group’s proprietary backdoor LODEINFO delivers additional malware, exfiltrates credentials, and steals documents and emails This week, the ESET research team published their findings about a spearphishing campaign that the Chinese-speaking threat actor MirrorFace launched in Japan and that mainly focused on members of a specific Japanese political party. The campaign – which ESET Research

The time has come for your child to receive their first smartphone. Before handing it over, however, make sure to help them use their new gadget safely and responsibly. Choosing the right holiday gift(s) for your children can be nerve-racking, perhaps doubly so if you’re choosing it for your pre-teen. It’s at that age when

Holiday travel is back with a vengeance this year. Set yourself up for a cyber-safe and hassle-free trip with our checklist. You’ve successfully avoided all sorts of shopping scams while hunting for bargains this holiday season, and now the time has come to drive, fly or take a train home for Christmas. You’re taking time

ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer ESET researchers discovered a spearphishing campaign, launched in the weeks leading up to the Japanese House of Councillors election in July 2022, by the APT

Think outside the (gift) box. Here are a few ideas for security and privacy gifts to get for your relatives – or even for yourself. Some don’t cost a penny! Thanks to a decade or more of big-name data breaches, global privacy scandals and consumer rights legislation like the GDPR, we’re all more aware of

ESET researchers uncover a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group This week, ESET researchers published their findings about a new wiper, Agrius, and its execution tool, Sandals, both attributed to the Iran-aligned Agrius APT group. The researchers discovered the malicious tool while analyzing a supply-chain attack that

Xenomorph pilfers victims’ login credentials for banking, payment, social media, cryptocurrency and other apps with valuable data More than 50,000 Android devices were compromised with an Android banking trojan called Xenomorph earlier this year. First reported by ThreatFabric, Xenomorph posed as a system-optimizing app called “Fast Cleaner”. Disguising malicious software as device optimizers, battery- or performance-enhancing and

ESET researchers analyzed a supply-chain attack abusing an Israeli software developer to deploy Fantasy, Agrius’s new wiper, with victims including the diamond industry ESET researchers discovered a new wiper and its execution tool, both attributed to the Agrius APT group, while analyzing a supply-chain attack abusing an Israeli software developer. The group is known for

Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. While I was in the UK police force and part of the National Cyber Crime Unit in 2018, I was asked to give a talk on cybersecurity at a National Farmers’ Union (NFU) meeting in southern England.

Deployed against carefully selected targets, the new backdoor combs through the drives of compromised systems for files of interest before exfiltrating them to Google Drive This week, ESET researchers published their analysis of a previously undocumented backdoor that the ScarCruft APT group has used against carefully selected targets. ScarCruft is an espionage group that has

With the rapidly rising energy prices putting a strain on many households, what are some quick wins to help reduce the power consumption of your gadgets? This time last year few of us were concerned about how much energy we used. Even fewer probably bothered to check how much we were spending annually. That calculus

ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group ESET researchers have analyzed a previously unreported backdoor used by the ScarCruft APT group. The backdoor, which we named Dolphin, has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and

ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm’s fingerprints all over it The ESET research team has spotted a new wave of ransomware attacks taking aim at multiple organizations in Ukraine and bearing the hallmarks of other campaigns previously unleashed by the Sandworm APT group. Even though the