- How Lazarus impersonated Meta to attack a target in Spain – Week in security with Tony Anscombeon September 29, 2023 at 1:00 pm
During the attack, the group deployed several tools, most notably a newly-discovered sophisticated backdoor that ESET named LightlessCan
- Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace companyon September 29, 2023 at 9:30 am
While analyzing a Lazarus attack luring employees of an aerospace company, ESET researchers discovered a publicly undocumented backdoor
- 5 of the top programming languages for cybersecurityon September 27, 2023 at 9:30 am
While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles
- Can open-source software be secure?on September 26, 2023 at 9:31 am
Or, is mass public meddling just opening the door for problems? And how does open-source software compare to proprietary software in terms of security?
- ESET's cutting-edge threat research at LABScon – Week in security with Tony Anscombeon September 22, 2023 at 9:42 pm
Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups
- Stealth Falcon preying over Middle Eastern skies with Deadglyphon September 22, 2023 at 9:01 pm
ESET researchers have discovered Deadglyph, a sophisticated backdoor used by the infamous Stealth Falcon group for espionage in the Middle East
- OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipeson September 21, 2023 at 6:30 pm
ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
- 10 tips to ace your cybersecurity job interviewon September 18, 2023 at 9:30 am
Once you’ve made it past the initial screening process and secured that all-important interview, it’s time to seal the deal. These 10 tips will put you on the right track.
- Ballistic Bobcat's Sponsor backdoor – Week in security with Tony Anscombeon September 14, 2023 at 2:01 pm
Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States
- Read it right! How to spot scams on Redditon September 13, 2023 at 9:31 am
Do you know what types of scams and other fakery you should look out for when using a platform that once billed itself as “the front page of the Internet”?
- ESET Research Podcast: Sextortion, digital usury and SQL brute-forceon September 12, 2023 at 9:31 am
Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims
- Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdooron September 11, 2023 at 9:30 am
ESET Research uncovers the Sponsoring Access campaign, which utilizes an undocumented Ballistic Bobcat backdoor we have named Sponsor
- Will you give X your biometric data? – Week in security with Tony Anscombeon September 8, 2023 at 9:22 am
The update to X's privacy policy has sparked some questions among privacy and security folks, including how long X will retain users' biometric information and how the data will be stored and secured
- Staying ahead of threats: 5 cybercrime trends to watchon September 6, 2023 at 9:31 am
New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought
- Getting off the hook: 10 steps to take after clicking on a phishing linkon September 4, 2023 at 9:30 am
Phishing emails are a weapon of choice for criminals intent on stealing people’s personal data and planting malware on their devices. The healing process does not end with antivirus scanning.
- Fake Signal and Telegram apps – Week in security with Tony Anscombeon August 31, 2023 at 1:10 pm
ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites
- What you need to know about iCloud Private Relayon August 31, 2023 at 9:30 am
If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend — but is it a true VPN service? The devil is in the details.
- BadBazaar espionage tool targets Android users via trojanized Signal and Telegram appson August 30, 2023 at 9:30 am
ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs
- Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack?on August 28, 2023 at 9:30 am
The campaign started with a trojanized version of unsupported financial software
- How a Telegram bot helps scammers target victims – Week in security with Tony Anscombeon August 25, 2023 at 1:53 pm
ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money