Cyber Security

It’s been 100 days since Russia invaded Ukraine, and we look back at various cyberattacks connected to the conflict On January 14th this year, a raid by Russian law enforcement authorities made headlines all over the world, as it resulted in the arrests of 14 members of the infamous Sodinokibi/REvil ransomware gang. The crackdown came

A review of the key trends that defined the threatscape in the first four months of 2022 and what these developments mean for your cyber-defenses As the ESET research team released its T1 2022 Threat Report this week, Tony reviews the key trends and developments that defined the threat landscape in the first four months

A view of the T 1 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts After more than two years of shielding from a global pandemic, we get a ‘reward’: war! Several conflicts are raging in different parts of the world, but for us, this one

A 14-year-old shares his thoughts about technology and the potential privacy and security implications of the internet Talking to children and teenagers is not always an easy task – we’ve all been teens before, huh? When I first approached Xavier, 14, to talk about how he engages with the online world, I was quite concerned

Falsehoods about the war in Ukraine come in all shapes and sizes – here are a few examples of what’s in the fake news Manipulation, propaganda, lies and half-truths that even drive a wedge between relatives on either side of the Russia-Ukraine border – a war on truth is playing out on the digital front

New and exacerbated cyber-risks following Russia’s invasion of Ukraine are fueling a new urgency towards enhancing resilience Governments around the world are concerned about growing risks of cyberattacks against their critical infrastructure. Recently, the cybersecurity agencies of the countries comprising the ‘Five Eyes’ alliance warned of a possible rise in such attacks “as a response

As with everything digital, there’s someone, somewhere devising a method to steal the assets away from their rightful owners Are you an NFT investor? If so, watch out, there’s a scammer about! As with everything digital, there’s someone, somewhere devising a method to steal these assets away from their rightful owner. Watch the video to

Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution As Unified Extensible Firmware Interface (UEFI) replaced legacy BIOS as the leading technology embedded into chips of modern computers and devices, it became vital to the security of the

The landmark regulation changed everyone’s mindset on how companies worldwide collect and use the personal data of EU citizens It was May 25th, 2018, and the sun was certainly shining in many of the (then) 28 European Union member states. In the offices of many companies in (and often also outside) the EU, this was

As NFTs exploded in popularity, scammers also jumped on the hype. Watch out for counterfeit NFTs, rug pulls, pump-and-dumps and other common scams plaguing the industry. Looking back at 2012, colored coins were the first hint of what we now call non-fungible tokens (NFTs), or nifties for some. Ten years later, these blockhain-based assets that

ESET researchers spot an updated version of the malware loader used in the Industroyer2 and CaddyWiper attacks Sandworm, the APT group behind some of the world’s most disruptive cyberattacks, continues to update its arsenal for campaigns targeting Ukraine. The ESET research team has now spotted an updated version of the ArguePatch malware loader that was

When you hear the term ‘cryptocurrency’, does ‘secure’ also spring to mind? Here are some implications of the lack of sound security practices in the world of crypto. When you hear the term ‘cryptocurrency’, does ‘secure’ also immediately spring to mind? In this edition of Week in security, Tony examines several implications of the lack

Cybercriminals continue to mine for opportunities in the crypto space – here’s what you should know about coin-mining hacks and crypto theft Wherever you look these days, cryptocurrencies are in the news. And it’s not just because of the recent slump in their prices. Everybody seems to have grabbed a slice of the crypto pie

In the age of the perpetual news cycle and digital media, the risks that stem from the fake news problem are all too real Every day brings a deluge of news content that competes for our attention and spans everything from politics, health, sports, climate change to the war in Ukraine. The endless amount and

The decision to release a ransomware decryptor involves a delicate balancing act between helping victims recover their data and alerting criminals to errors in their code Ransomware – the security scourge of the modern, digital world – just keeps getting more dangerous. We’re educating users about what to do, but it’s hard to stay ahead

Can you spot the tell-tale signs of a phishing attempt and check if an email that has landed in your inbox is legit? Did you know that some 90 percent of successful cyberattacks start with a phishing email? This helps show why learning to recognize and avoid phishing attacks is such an important skill to

The ‘it won’t happen to me’ mindset leaves you unprepared – here are some common factors that put any of us at risk of online fraud Sometimes you need to say things that go without saying: The internet has revolutionized our lives, changing the way we work, learn, entertain ourselves and interact with each other.

What can organizations do to capitalize on the current fluidity in the job market and bring fresh cybersecurity talent into the fold? We all know there’s a cybersecurity skills shortage. Across the globe, the shortfall of talent is now measured in the millions. We’ve also all heard about the Great Resignation: a once-in-a-generation period of

LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform Job hunting is hard work, a kind of full-time job in itself. It requires focus and patience to go from one job posting to another

The conflict in Ukraine has highlighted the risks of cyberespionage attacks that typically involve Advanced Persistent Threat groups and often target organizations’ most valuable data The conflict in Ukraine has highlighted the risks of cyberespionage and sabotage, which typically involve Advanced Persistent Threat (APT) groups. In this special edition of Week in security, Tony looks

Here’s what you should know about some of the nastiest mobile malware – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely These days, the device in your pocket can do far more than call or send text messages. Your smartphone stores almost every aspect of

The bitter truth about how fraudsters dupe online daters in this new twist on romance fraud The world is a confusing and lonely place sometimes. Police and security experts have been out in force for years warning lonely hearts not to fall for the romance fraudsters whose schemes cost victims more than US$950 million in

Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity Zero-day vulnerabilities have always had something of a special reputation in the cybersecurity space. These software bugs are exploited for attacks before the flaw is known to the software vendor and so

Here’s what you should know about FlowingFrog, LookingFrog and JollyFrog – the three teams making up the TA410 espionage umbrella group In this edition of Week in security, Tony looks at the latest ESET research that: provided a detailed overview of TA410, a cyberespionage umbrella group that targets entities in the government and education sectors

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to

BEC fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams. The old adage of people being the weakest link in security is especially true when it comes to email threats. Here, cybercriminals can arguable generate their biggest “bang-for-buck”

Camfecting doesn’t ‘just’ invade your privacy – it could seriously impact your mental health and wellbeing. Here’s how to keep an eye on your laptop camera. Our 24/7 digital lives mean we’re increasingly sitting in front of a screen, whether that’s a laptop, a smartphone or another device. That usually means we’re also sitting in

Young people are not passive victims of technology or helpless addicts. They are technology creators and agents with diverse backgrounds and interests. When people hear that I study digital youth culture, I often get asked, “Is technology good or bad for kids?” My first struggle is to reframe the question. The question assumes technology is

Lessons from history and recent attacks on critical infrastructure throw into sharp relief the need to better safeguard our essential systems and services Just days ago, Ukraine’s power grid came under attack as the Sandworm group attempted to deploy a piece of malware called Industroyer2 against the operations of an energy supplier in the country.

Here’s what to know about vulnerabilities in more than 100 Lenovo consumer laptop models and what you can do right away to stay safe – all in under three minutes ESET researchers have released their findings about a trio of vulnerabilities that impact more than 100 Lenovo consumer laptop models with millions of users across the