FreshRSS

πŸ”’
☐ β˜† βœ‡ WeLiveSecurity

DinodasRAT used against governmental entity in Guayana – Week in security with Tony Anscombe

October 6th 2023 at 12:15
The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine
☐ β˜† βœ‡ WeLiveSecurity

Fake friends and followers on social media – and how to spot them

October 6th 2023 at 09:30
One of the biggest threats to watch out for on social media is fraud perpetrated by people who aren’t who they claim to be. Here’s how to recognize them.
☐ β˜† βœ‡ WeLiveSecurity

Operation Jacana: Foundling hobbits in Guyana

October 5th 2023 at 09:30
ESET researchers discovered a cyberespionage campaign against a governmental entity in Guyana
☐ β˜† βœ‡ WeLiveSecurity

Playing your part in building a safer digital world: Why cybersecurity matters

October 3rd 2023 at 09:30
In an increasingly complex and interconnected digital landscape, personal cybersecurity empowers you to protect your data, privacy and digital well-being
☐ β˜† βœ‡ WeLiveSecurity

How Lazarus impersonated Meta to attack a target in Spain – Week in security with Tony Anscombe

September 29th 2023 at 13:00
During the attack, the group deployed several tools, most notably a newly-discovered sophisticated backdoor that ESET named LightlessCan
☐ β˜† βœ‡ WeLiveSecurity

Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

September 29th 2023 at 09:30
While analyzing a Lazarus attack luring employees of an aerospace company, ESET researchers discovered a publicly undocumented backdoor
☐ β˜† βœ‡ WeLiveSecurity

5 of the top programming languages for cybersecurity

September 27th 2023 at 09:30
While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles
☐ β˜† βœ‡ WeLiveSecurity

Can open-source software be secure?

September 26th 2023 at 09:31
Or, is mass public meddling just opening the door for problems? And how does open-source software compare to proprietary software in terms of security?
☐ β˜† βœ‡ WeLiveSecurity

ESET's cutting-edge threat research at LABScon – Week in security with Tony Anscombe

September 22nd 2023 at 21:42
Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups
☐ β˜† βœ‡ WeLiveSecurity

Stealth Falcon preying over Middle Eastern skies with Deadglyph

September 22nd 2023 at 21:01
ESET researchers have discovered Deadglyph, a sophisticated backdoor used by the infamous Stealth Falcon group for espionage in the Middle East
☐ β˜† βœ‡ WeLiveSecurity

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

September 21st 2023 at 18:30
ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
☐ β˜† βœ‡ WeLiveSecurity

10 tips to ace your cybersecurity job interview

September 18th 2023 at 09:30
Once you’ve made it past the initial screening process and secured that all-important interview, it’s time to seal the deal. These 10 tips will put you on the right track.
☐ β˜† βœ‡ WeLiveSecurity

Ballistic Bobcat's Sponsor backdoor – Week in security with Tony Anscombe

September 14th 2023 at 14:01
Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States
☐ β˜† βœ‡ WeLiveSecurity

Read it right! How to spot scams on Reddit

September 13th 2023 at 09:31
Do you know what types of scams and other fakery you should look out for when using a platform that once billed itself as β€œthe front page of the Internet”?
☐ β˜† βœ‡ WeLiveSecurity

ESET Research Podcast: Sextortion, digital usury and SQL brute-force

September 12th 2023 at 09:31
Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims
☐ β˜† βœ‡ WeLiveSecurity

Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor

September 11th 2023 at 09:30
ESET Research uncovers the Sponsoring Access campaign, which utilizes an undocumented Ballistic Bobcat backdoor we have named Sponsor
☐ β˜† βœ‡ WeLiveSecurity

Will you give X your biometric data? – Week in security with Tony Anscombe

September 8th 2023 at 09:22
The update to X's privacy policy has sparked some questions among privacy and security folks, including how long X will retain users' biometric information and how the data will be stored and secured
☐ β˜† βœ‡ WeLiveSecurity

Staying ahead of threats: 5 cybercrime trends to watch

September 6th 2023 at 09:31
New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought
☐ β˜† βœ‡ WeLiveSecurity

Getting off the hook: 10 steps to take after clicking on a phishing link

September 4th 2023 at 09:30
Phishing emails are a weapon of choice for criminals intent on stealing people’s personal data and planting malware on their devices. The healing process does not end with antivirus scanning.
☐ β˜† βœ‡ WeLiveSecurity

Fake Signal and Telegram apps – Week in security with Tony Anscombe

August 31st 2023 at 13:10
ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites
☐ β˜† βœ‡ WeLiveSecurity

What you need to know about iCloud Private Relay

August 31st 2023 at 09:30
If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend β€” but is it a true VPN service? The devil is in the details.
☐ β˜† βœ‡ WeLiveSecurity

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

August 30th 2023 at 09:30
ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs
☐ β˜† βœ‡ WeLiveSecurity

Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack?

August 28th 2023 at 09:30
The campaign started with a trojanized version of unsupported financial software
☐ β˜† βœ‡ WeLiveSecurity

How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe

August 25th 2023 at 13:53
ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money
☐ β˜† βœ‡ WeLiveSecurity

Telekopye: Hunting Mammoths using Telegram bot

August 24th 2023 at 09:30
Analysis of Telegram bot that helps cybercriminals scam people on online marketplaces
☐ β˜† βœ‡ WeLiveSecurity

Scarabs colon-izing vulnerable servers

August 22nd 2023 at 09:30
Analysis of Spacecolon, a toolset used to deploy Scarab ransomware on vulnerable servers, and its operators, CosmicBeetle
☐ β˜† βœ‡ WeLiveSecurity

A Bard’s Tale – how fake AI bots try to install malware

August 21st 2023 at 09:31
The AI race is on! It’s easy to lose track of the latest developments and possibilities, and yet everyone wants to see firsthand what the hype is about. Heydays for cybercriminals!
☐ β˜† βœ‡ WeLiveSecurity

Evacuation of 30,000 hackers – Week in security with Tony Anscombe

August 18th 2023 at 09:54
DEF CON, the annual hacker convention in Las Vegas, was interrupted on Saturday evening when authorities evacuated the event's venue due to a bomb threat
☐ β˜† βœ‡ WeLiveSecurity

DEF CON 31: US DoD urges hackers to go and hack β€˜AI’

August 18th 2023 at 09:31
The limits of current AI need to be tested before we can rely on their output
☐ β˜† βœ‡ WeLiveSecurity

Mass-spreading campaign targeting Zimbra users

August 17th 2023 at 09:54
ESET researchers have observed a new phishing campaign targeting users of the Zimbra Collaboration email server.
☐ β˜† βœ‡ WeLiveSecurity

DEF CON 31: Robot vacuums may be doing more than they claim

August 16th 2023 at 09:35
When it comes to privacy, it remains complicated and near impossible for a consumer to make an informed decision.
☐ β˜† βœ‡ WeLiveSecurity

Black Hat 2023: Hacking the police (at least their radios)

August 15th 2023 at 09:30
Hiding behind a black box and hoping no one will hack it has been routinely proven to be unwise and less secure.
☐ β˜† βœ‡ WeLiveSecurity

Black Hat 2023: How AI changes the monetization of search

August 14th 2023 at 12:30
Search engines, AI, and monetization in the new era
☐ β˜† βœ‡ WeLiveSecurity

Black Hat 2023: AI gets big defender prize money

August 14th 2023 at 09:30
Black Hat is big on AI this year, and for a good reason
☐ β˜† βœ‡ WeLiveSecurity

Black Hat 2023: β€˜Teenage’ AI not enough for cyberthreat intelligence

August 12th 2023 at 15:12
Current LLMs are just not mature enough for high-level tasks
☐ β˜† βœ‡ WeLiveSecurity

20k security folks in the desert – Week in security with Tony Anscombe

August 11th 2023 at 11:38
Unsurprisingly, artificial intelligence took the center stage at this year's edition of Black Hat, one of the world's largest gatherings of cybersecurity professionals
☐ β˜† βœ‡ WeLiveSecurity

Black Hat 2023: Cyberwar fire-and-forget-me-not

August 11th 2023 at 09:29
What happens to cyberweapons after a cyberwar?
☐ β˜† βœ‡ WeLiveSecurity

ESET Research Podcast: Unmasking MoustachedBouncer

August 10th 2023 at 19:49
Listen as ESET's Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus
☐ β˜† βœ‡ WeLiveSecurity

MoustachedBouncer: Espionage against foreign diplomats in Belarus

August 10th 2023 at 09:03
Long-term espionage against diplomats, leveraging email-based C&C protocols, C++ modular backdoors, and adversary-in-the-middle (AitM) attacks… Sounds like the infamous Turla? Think again!
☐ β˜† βœ‡ WeLiveSecurity

Time is money, and online game scammers have lots of it

August 7th 2023 at 09:20
Gamers and cybersecurity professionals have something in common – the ever-terrible presence of hacking, scams, and data theft – but how and why would anyone want to target gamers?
☐ β˜† βœ‡ WeLiveSecurity

Check cybersecurity pre-invest – Week in security with Tony Anscombe

August 4th 2023 at 10:52
When you invest in a company, do you check its cybersecurity? The U.S. Securities and Exchange Commission has adopted new cybersecurity rules.
☐ β˜† βœ‡ WeLiveSecurity

Fingerprints all over: Can browser fingerprinting increase website security?

August 3rd 2023 at 09:25
Browser fingerprinting is supposedly a more privacy-conscious tracking method, replacing personal information with more general data. But is it a valid promise?
☐ β˜† βœ‡ WeLiveSecurity

The grand theft of Jake Moore’s voice: The concept of a virtual kidnap

August 2nd 2023 at 12:38
With powerful AI, it doesn’t take much to fake a person virtually, and while there are some limitations, voice-cloning can have some dangerous consequences.
☐ β˜† βœ‡ WeLiveSecurity

Quantum computing: Will it break crypto security within a few years?

August 1st 2023 at 09:32
Current cryptographic security methods watch out - quantum computing is coming for your lunch.
☐ β˜† βœ‡ WeLiveSecurity

Is backdoor access oppressive? – Week in security with Tony Anscombe

July 28th 2023 at 11:57
Bills granting access to end-to-end encrypted systems, opportunity for cybercriminals, abuse by authority, human rights, and tech companies leaving the UK?
☐ β˜† βœ‡ WeLiveSecurity

Gathering dust and data: How robotic vacuums can spy on you

July 26th 2023 at 10:40
Mitigate the risk of data leaks with a careful review of the product and the proper settings.
☐ β˜† βœ‡ WeLiveSecurity

Dear all, What are some common subject lines in phishing emails?

July 25th 2023 at 09:30
Scammers exploit current ongoing events, account notifications, corporate communication, and a sense of urgency.
☐ β˜† βœ‡ WeLiveSecurity

What happens if AI is wrong? – Week in security with Tony Anscombe

July 21st 2023 at 12:15
Responses generated by ChatGPT about individual people could be misleading or harmful or spill their personal information. What are the takeaways for you as a ChatGPT user?
☐ β˜† βœ‡ WeLiveSecurity

8 common work-from-home scams to avoid

July 20th 2023 at 09:00
That β€˜employer’ you’re speaking to may in reality be after your personal information, your money or your help with their illegal activities
☐ β˜† βœ‡ WeLiveSecurity

Child identity theft: how do I keep my kids’ personal data safe?

July 19th 2023 at 09:30
Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft?
☐ β˜† βœ‡ WeLiveSecurity

Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour

July 18th 2023 at 09:30
There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud
☐ β˜† βœ‡ WeLiveSecurity

Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe

July 14th 2023 at 13:30
Here's how cybercriminals have adjusted their tactics in response to Microsoft's stricter security policies, plus other interesting findings from ESET's new Threat Report
☐ β˜† βœ‡ WeLiveSecurity

The danger within: 5 steps you can take to combat insider threats

July 13th 2023 at 09:30
Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar?
☐ β˜† βœ‡ WeLiveSecurity

ESET Research Podcast: Finding the mythical BlackLotus bootkit

July 12th 2023 at 11:30
Here's a story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat
☐ β˜† βœ‡ WeLiveSecurity

ESET Threat Report H1 2023

July 11th 2023 at 11:30
A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
☐ β˜† βœ‡ WeLiveSecurity

Emotet: sold or on vacation? – Week in security with Tony Anscombe

July 7th 2023 at 13:00
Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide
☐ β˜† βœ‡ WeLiveSecurity

What’s up with Emotet?

July 6th 2023 at 11:30
A brief summary of what happened with Emotet since its comeback in November 2021
☐ β˜† βœ‡ WeLiveSecurity

Deepfaking it: What to know about deepfake-driven sextortion schemes

July 4th 2023 at 11:30
Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns
☐ β˜† βœ‡ WeLiveSecurity

Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs

July 3rd 2023 at 11:30
Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents
☐ β˜† βœ‡ WeLiveSecurity

The good, the bad and the ugly of AI – Week in security with Tony Anscombe

June 30th 2023 at 15:15
The growing use of synthetic media and the difficulties in distinguishing between real and fake content raise a slew of legal and ethical questions
❌