c 5 common Ticketmaster scams: How fraudsters steal the show By www.welivesecurity.com Published On :: Tue, 09 Jul 2024 09:30:00 +0000 Scammers gonna scam scam scam, so before hunting for your tickets to a Taylor Swift gig or other in-demand events, learn how to stop fraudsters from leaving a blank space in your bank account Full Article
c Social media and teen mental health – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Thu, 04 Jul 2024 14:31:24 +0000 Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick? Full Article
c HotPage: Story of a signed, vulnerable, ad-injecting driver By www.welivesecurity.com Published On :: Thu, 18 Jul 2024 09:30:00 +0000 A study of a sophisticated Chinese browser injector that leaves more doors open! Full Article
c Understanding IoT security risks and how to mitigate them | Unlocked 403 cybersecurity podcast (ep. 4) By www.welivesecurity.com Published On :: Wed, 10 Jul 2024 09:30:00 +0000 As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds? Full Article
c Should ransomware payments be banned? – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 12 Jul 2024 12:30:20 +0000 Blanket bans on ransomware payments are a much-debated topic in cybersecurity and policy circles. What are the implications of outlawing the payments, and would the ban be effective? Full Article
c Hello, is it me you’re looking for? How scammers get your phone number By www.welivesecurity.com Published On :: Mon, 15 Jul 2024 11:45:35 +0000 Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters. Full Article
c Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android By www.welivesecurity.com Published On :: Mon, 22 Jul 2024 09:00:00 +0000 ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos Full Article
c The complexities of cybersecurity update processes By www.welivesecurity.com Published On :: Fri, 19 Jul 2024 12:28:24 +0000 If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike Full Article
c How a signed driver exposed users to kernel-level threats – Week in Security with Tony Anscombe By www.welivesecurity.com Published On :: Sun, 21 Jul 2024 07:24:11 +0000 A purported ad blocker marketed as a security solution leverages a Microsoft-signed driver that inadvertently exposes victims to dangerous threats Full Article
c Beyond the blue screen of death: Why software updates matter By www.welivesecurity.com Published On :: Fri, 19 Jul 2024 16:20:11 +0000 The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s why you shouldn’t dread them. Full Article
c Building cyber-resilience: Lessons learned from the CrowdStrike incident By www.welivesecurity.com Published On :: Tue, 23 Jul 2024 12:23:39 +0000 Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to attribute the IT meltdown to exceptional circumstances Full Article
c Phishing targeting Polish SMBs continues via ModiLoader By www.welivesecurity.com Published On :: Tue, 30 Jul 2024 09:00:00 +0000 ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families Full Article
c Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 26 Jul 2024 11:57:23 +0000 Attackers abusing the EvilVideo vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files Full Article
c The cyberthreat that drives businesses towards cyber risk insurance By www.welivesecurity.com Published On :: Wed, 31 Jul 2024 09:00:00 +0000 Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide Full Article
c AI and automation reducing breach costs – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 02 Aug 2024 11:30:15 +0000 Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by $2.22 million compared to those that didn't deploy these technologies Full Article
c Why tech-savvy leadership is key to cyber insurance readiness By www.welivesecurity.com Published On :: Wed, 07 Aug 2024 09:00:00 +0000 Having knowledgeable leaders at the helm is crucial for protecting the organization and securing the best possible cyber insurance coverage Full Article
c Top 6 Craigslist scams: Don’t fall for these tricks By www.welivesecurity.com Published On :: Mon, 12 Aug 2024 09:00:00 +0000 Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun Full Article
c Black Hat USA 2024: How cyber insurance is shaping cybersecurity strategies By www.welivesecurity.com Published On :: Thu, 08 Aug 2024 14:40:36 +0000 Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards Full Article
c Why scammers want your phone number By www.welivesecurity.com Published On :: Tue, 13 Aug 2024 09:00:00 +0000 Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data Full Article
c Black Hat USA 2024: All eyes on election security By www.welivesecurity.com Published On :: Fri, 09 Aug 2024 13:07:56 +0000 In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated Full Article
c Black Hat USA 2024 recap – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 09 Aug 2024 13:53:46 +0000 Unsurprisingly, many discussions revolved around the implications of the CrowdStrike outage, including the lessons it may have offered for bad actors Full Article
c Be careful what you pwish for – Phishing in PWA applications By www.welivesecurity.com Published On :: Tue, 20 Aug 2024 09:00:00 +0000 ESET analysts dissect a novel phishing method tailored to Android and iOS users Full Article
c The great location leak: Privacy risks in dating apps By www.welivesecurity.com Published On :: Mon, 12 Aug 2024 14:51:08 +0000 What if your favorite dating, social media or gaming app revealed your exact coordinates to someone you’d rather keep at a distance? Full Article
c NGate Android malware relays NFC traffic to steal cash By www.welivesecurity.com Published On :: Thu, 22 Aug 2024 09:00:00 +0000 Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM Full Article
c How a BEC scam cost a company $60 million – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 16 Aug 2024 11:01:54 +0000 Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme Full Article
c How regulatory standards and cyber insurance inform each other By www.welivesecurity.com Published On :: Wed, 21 Aug 2024 09:00:00 +0000 Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with Full Article
c Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep. 5) By www.welivesecurity.com Published On :: Mon, 26 Aug 2024 09:00:00 +0000 The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure Full Article
c Old devices, new dangers: The risks of unsupported IoT tech By www.welivesecurity.com Published On :: Tue, 27 Aug 2024 09:00:00 +0000 In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors Full Article
c PWA phishing on Android and iOS – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 23 Aug 2024 09:00:00 +0000 Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security Full Article
c Analysis of two arbitrary code execution vulnerabilities affecting WPS Office By www.welivesecurity.com Published On :: Wed, 28 Aug 2024 09:00:00 +0000 Demystifying CVE-2024-7262 and CVE-2024-7263 Full Article
c The key considerations for cyber insurance: A pragmatic approach By www.welivesecurity.com Published On :: Wed, 04 Sep 2024 09:00:00 +0000 Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options Full Article
c In plain sight: Malicious ads hiding in search results By www.welivesecurity.com Published On :: Tue, 03 Sep 2024 09:00:00 +0000 Sometimes there’s more than just an enticing product offer hiding behind an ad Full Article
c Stealing cash using NFC relay – Week in Security with Tony Anscombe By www.welivesecurity.com Published On :: Wed, 28 Aug 2024 14:01:52 +0000 The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become Full Article
c CosmicBeetle steps up: Probation period at RansomHub By www.welivesecurity.com Published On :: Tue, 10 Sep 2024 09:00:00 +0000 CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate Full Article
c ESET Research Podcast: HotPage By www.welivesecurity.com Published On :: Thu, 05 Sep 2024 09:26:54 +0000 ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver Full Article
c Bitcoin ATM scams skyrocket – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 06 Sep 2024 10:25:42 +0000 The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams Full Article
c 6 common Geek Squad scams and how to defend against them By www.welivesecurity.com Published On :: Wed, 11 Sep 2024 09:00:00 +0000 Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks Full Article
c AI security bubble already springing leaks By www.welivesecurity.com Published On :: Mon, 16 Sep 2024 09:00:00 +0000 Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one Full Article
c ESET Research Podcast: EvilVideo By www.welivesecurity.com Published On :: Tue, 17 Sep 2024 09:00:00 +0000 ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos Full Article
c Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023 By www.welivesecurity.com Published On :: Thu, 26 Sep 2024 09:00:00 +0000 ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine Full Article
c CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 13 Sep 2024 10:21:33 +0000 ESET researchers also find that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends Full Article
c Understanding cyber-incident disclosure By www.welivesecurity.com Published On :: Wed, 18 Sep 2024 09:02:40 +0000 Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help Full Article
c Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6) By www.welivesecurity.com Published On :: Thu, 19 Sep 2024 09:00:00 +0000 How do analyst relations professionals sort through the noise to help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out. Full Article
c Time to engage: How parents can help keep their children safe on Snapchat By www.welivesecurity.com Published On :: Tue, 24 Sep 2024 09:00:00 +0000 Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app Full Article
c FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 20 Sep 2024 11:03:10 +0000 With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process Full Article
c Don’t panic and other tips for staying safe from scareware By www.welivesecurity.com Published On :: Wed, 25 Sep 2024 09:00:00 +0000 Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics Full Article
c Cybersecurity Awareness Month needs a radical overhaul – it needs legislation By www.welivesecurity.com Published On :: Tue, 01 Oct 2024 09:00:00 +0000 Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices Full Article
c Gamaredon's operations under the microscope – Week in security with Tony Anscombe By www.welivesecurity.com Published On :: Fri, 27 Sep 2024 13:26:04 +0000 ESET research examines the group's malicious wares as used to spy on targets in Ukraine in the past two years Full Article
c Separating the bee from the panda: CeranaKeeper making a beeline for Thailand By www.welivesecurity.com Published On :: Wed, 02 Oct 2024 13:00:00 +0000 ESET Research details the tools and activities of a new China-aligned threat actor, CeranaKeeper, focusing on massive data exfiltration in Southeast Asia Full Article
c Why system resilience should mainly be the job of the OS, not just third-party applications By www.welivesecurity.com Published On :: Tue, 01 Oct 2024 13:00:00 +0000 Building efficient recovery options will drive ecosystem resilience Full Article