The recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providers
Donβt torture people with exceedingly complex password composition rules but do blacklist commonly used passwords, plus other ways to help people help themselves β and your entire organization
The importance of understanding β and prioritizing β the privacy and security implications of large language models like ChatGPT cannot be overstated
As all things (wrongly called) AI take the worldβs biggest security event by storm, we round up of some of their most-touted use cases and applications
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack
Microsoft releases guidance on how organizations can check their systems for the presence of BlackLotus, a powerful threat first analyzed by ESET researchers
The much-dreaded writerβs block isnβt the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers?
Some sectors have high confidence in their in-house cybersecurity expertise, while others prefer to enlist the support of an external provider to keep their systems and data secured
Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States
Do you know what types of scams and other fakery you should look out for when using a platform that once billed itself as βthe front page of the Internetβ?
The update to X's privacy policy has sparked some questions among privacy and security folks, including how long X will retain users' biometric information and how the data will be stored and secured
Phishing emails are a weapon of choice for criminals intent on stealing peopleβs personal data and planting malware on their devices. The healing process does not end with antivirus scanning.
ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites
If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend β but is it a true VPN service? The devil is in the details.
ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs
The AI race is on! Itβs easy to lose track of the latest developments and possibilities, and yet everyone wants to see firsthand what the hype is about. Heydays for cybercriminals!
DEF CON, the annual hacker convention in Las Vegas, was interrupted on Saturday evening when authorities evacuated the event's venue due to a bomb threat
Unsurprisingly, artificial intelligence took the center stage at this year's edition of Black Hat, one of the world's largest gatherings of cybersecurity professionals
Listen as ESET's Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus
Long-term espionage against diplomats, leveraging email-based C&C protocols, C++ modular backdoors, and adversary-in-the-middle (AitM) attacks⦠Sounds like the infamous Turla? Think again!
Gamers and cybersecurity professionals have something in common β the ever-terrible presence of hacking, scams, and data theft β but how and why would anyone want to target gamers?
Browser fingerprinting is supposedly a more privacy-conscious tracking method, replacing personal information with more general data. But is it a valid promise?
With powerful AI, it doesnβt take much to fake a person virtually, and while there are some limitations, voice-cloning can have some dangerous consequences.
Bills granting access to end-to-end encrypted systems, opportunity for cybercriminals, abuse by authority, human rights, and tech companies leaving the UK?
Responses generated by ChatGPT about individual people could be misleading or harmful or spill their personal information. What are the takeaways for you as a ChatGPT user?
There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud
Here's how cybercriminals have adjusted their tactics in response to Microsoft's stricter security policies, plus other interesting findings from ESET's new Threat Report