Cyber Security

Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents Contrary to common perception, small and medium-sized businesses (SMBs) are often the target of cyberattacks. That’s understandable, as in the US and UK, they comprise over 99% of businesses, a majority of

The growing use of synthetic media and difficulties in distinguishing between real and fake content raises a slew of legal and ethical questions The news cycle is awash with articles about (what’s not always rightly called) artificial intelligence – some good, some bad, and some ugly. The fact that some individuals are using readily available

While employee monitoring software may boost productivity, it may also be a potential privacy minefield and it can affect your relationship with your employees Things may not always run smoothly in the workplace and bosses and workers may not always see eye to eye on many things. But there may be another “threat” in town:

The beginning of the summer break is the perfect time for parents to remind their children about the importance of safe online habits The sun’s out, and so is school. But despite our best efforts, the chances are that our children will spend the coming summer holiday period glued to their devices. Depending on their

Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware Over the past 10-plus years, modern smartphones and other portable devices have become our constant companions. These days, smartphones let us do much more than make phone calls or send text messages. Mobile technology puts the world

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government The US government is now offering a $10 million reward for information linking the Cl0p ransomware gang or other threat actors targeting US critical infrastructure to a foreign government. This is after Cl0p

A primer on how to use this powerful tool for uncovering and connecting information from publicly available sources It’s a truism that personal data is a valuable asset for cybercriminals, as it allows them to tailor and otherwise improve their phishing and other social engineering attacks. The wealth and variety of personal data that is

From bogus free trips to fake rental homes, here are some of the most common online threats you should look out for both before and during your travels As the mercury rises and we look forward to vacationing in sunnier climbs, it’s also time to keep one eye peeled for internet scams and cyberthreats. Travel

With passkeys poised for prime time, passwords seem passé. What are the main benefits of ditching one in favor of the other? Chances are good that many of us have had enough of passwords. In a world where we have to manage access for scores of online accounts, passwords no longer seem fit for purpose.

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files ESET researchers have identified an updated version of Android GravityRAT spyware being distributed as the messaging apps BingeChat and Chatico. GravityRAT is a remote access tool known to be used since at least

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves Bullying of any kind can have a devastating impact on the victim’s well-being and life. Physical bullying, also known as face-to-face or in-person bullying, is still an issue in schools, with many researchers saying that its long-term

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans? Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups? This week, ESET researchers revealed how an updated version of Android GravityRAT spyware is being spread as free messaging

While not a ‘get out of jail free card’ for your business, cyber insurance can help insulate it from the financial impact of a cyber-incident Cyber risk is on the rise as the combined impact of surging threat levels, expanding attack surfaces and security skills shortages are putting organizations at a disadvantage. Faced with an

A curious case of a threat actor at the border between crimeware and cyberespionage Asylum Ambuscade is a cybercrime group that has been performing cyberespionage operations on the side. They were first publicly outed in March 2022 by Proofpoint researchers after the group targeted European government staff involved in helping Ukrainian refugees, just a few

A crimeware group that usually targets individuals and SMBs in North America and Europe adds cyberespionage to its activities It’s rather rare to find a cybercrime group that ventures into cyberespionage, which alone makes new ESET research all the more interesting. According to ESET experts, a cybercrime group known as Asylum Ambuscade – which usually

Plus, 7 ways to tell that you downloaded a sketchy app and 7 tips for staying safe from mobile security threats in the future You’ve just downloaded a new mobile game, cryptocurrency wallet, or fitness app, but something isn’t right. Your phone’s screen is swamped by annoying ads, the app is not doing what you

How  your voice assistant could do the bidding of a hacker – without you ever hearing a thing Regular WeLiveSecurity readers won’t be stunned to read that cyberattacks and their methods keep evolving as bad actors continue to enhance their repertoire. It’s also become a common refrain that as security vulnerabilities are found and patched

Given the reliance of today’s digital world on APIs and the fact that attacks targeting them continue to rise sharply, API security cannot be an afterthought. Given the increasing reliance of today’s digital world on APIs and the fact that cyberattacks targeting them continue to rise sharply, API security cannot be an afterthought. Here is

A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys They hacked into corporate emails, stole money from people and businesses, and tricked others into transferring the loot. Nigerian nationals Solomon Ekunke Okpe and Johnson Uke Obogo ran a sophisticated fraud scheme

As APIs are a favorite target for threat actors, the challenge of securing the glue that holds various software elements together is taking on increasing urgency The application programming interface (API) is an unsung hero of the digital revolution. It provides the glue that sticks together diverse software components in order to create new user

A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms Social media sites are a near-bottomless source of information that almost anyone can use for security and intelligence research, as well as for marketing campaigns. The platforms allow anybody to

ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate

ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families In this blogpost we examine the operation of AceCryptor, originally documented by Avast. This cryptor has been around since 2016 and because – throughout its existence – it has been used to pack tens of malware families,

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business Approximately one in seven people in Europe and the United States are self-employed, often realizing their dream to be in charge of their own destiny and having more freedom and control over their careers. But

ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio ESET researchers have discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. The app, named iRecorder – Screen Recorder, was initially uploaded to the store without malicious

Don’t download software from non-reputable websites and sketchy links – you might be in for more than you bargained for Chances are good that you have, at some point, searched for free stuff online, including software, movies, TV shows, or live streams of sports matches. But the truth is that this search for “free” may

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet Internet security is a constant concern for technology and cybersecurity professionals. With the ever-increasing number of online devices and services, it is important to have a clear and accurate view

Before rushing to embrace the LLM-powered “hire”, make sure your organization has safeguards in place to avoid putting its business and customer data at risk Chatbots powered by large language models (LLMs) are not just the world’s new favorite pastime. The technology is increasingly being recruited to boost workers’ productivity and efficiency, and given its

Why do people still download files from sketchy places and get compromised as a result? One of the pieces of advice that security practitioners have been giving out for the past couple of decades, if not longer, is that you should only download software from reputable sites. As far as computer security advice goes, this

As the war shows no signs of ending and cyber-activity by states and criminal groups remains high, conversations around the cyber-resilience of critical infrastructure have never been more vital A number of security practitioners, policymakers, law enforcement professionals and other experts from various countries gathered in Warsaw, Poland, on May 10th, 2023, to discuss how