c

5 common Ticketmaster scams: How fraudsters steal the show

Scammers gonna scam scam scam, so before hunting for your tickets to a Taylor Swift gig or other in-demand events, learn how to stop fraudsters from leaving a blank space in your bank account




c

Social media and teen mental health – Week in security with Tony Anscombe

Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?




c

HotPage: Story of a signed, vulnerable, ad-injecting driver

A study of a sophisticated Chinese browser injector that leaves more doors open!




c

Understanding IoT security risks and how to mitigate them | Unlocked 403 cybersecurity podcast (ep. 4)

As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?




c

Should ransomware payments be banned? – Week in security with Tony Anscombe

Blanket bans on ransomware payments are a much-debated topic in cybersecurity and policy circles. What are the implications of outlawing the payments, and would the ban be effective?




c

Hello, is it me you’re looking for? How scammers get your phone number

Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters.




c

Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android

ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos




c

The complexities of cybersecurity update processes

If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike




c

How a signed driver exposed users to kernel-level threats – Week in Security with Tony Anscombe

A purported ad blocker marketed as a security solution leverages a Microsoft-signed driver that inadvertently exposes victims to dangerous threats




c

Beyond the blue screen of death: Why software updates matter

The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Here’s why you shouldn’t dread them.




c

Building cyber-resilience: Lessons learned from the CrowdStrike incident

Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to attribute the IT meltdown to exceptional circumstances




c

Phishing targeting Polish SMBs continues via ModiLoader

ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families




c

Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe

Attackers abusing the EvilVideo vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files




c

The cyberthreat that drives businesses towards cyber risk insurance

Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide




c

AI and automation reducing breach costs – Week in security with Tony Anscombe

Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by $2.22 million compared to those that didn't deploy these technologies




c

Why tech-savvy leadership is key to cyber insurance readiness

Having knowledgeable leaders at the helm is crucial for protecting the organization and securing the best possible cyber insurance coverage




c

Top 6 Craigslist scams: Don’t fall for these tricks

Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun




c

Black Hat USA 2024: How cyber insurance is shaping cybersecurity strategies

Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards




c

Why scammers want your phone number

Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data




c

Black Hat USA 2024: All eyes on election security

In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated




c

Black Hat USA 2024 recap – Week in security with Tony Anscombe

Unsurprisingly, many discussions revolved around the implications of the CrowdStrike outage, including the lessons it may have offered for bad actors




c

Be careful what you pwish for – Phishing in PWA applications

ESET analysts dissect a novel phishing method tailored to Android and iOS users




c

The great location leak: Privacy risks in dating apps

What if your favorite dating, social media or gaming app revealed your exact coordinates to someone you’d rather keep at a distance?




c

NGate Android malware relays NFC traffic to steal cash

Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM




c

How a BEC scam cost a company $60 million – Week in security with Tony Anscombe

Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme




c

How regulatory standards and cyber insurance inform each other

Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with




c

Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep. 5)

The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure




c

Old devices, new dangers: The risks of unsupported IoT tech

In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors




c

PWA phishing on Android and iOS – Week in security with Tony Anscombe

Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security




c

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

Demystifying CVE-2024-7262 and CVE-2024-7263




c

The key considerations for cyber insurance: A pragmatic approach

Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options




c

In plain sight: Malicious ads hiding in search results

Sometimes there’s more than just an enticing product offer hiding behind an ad




c

Stealing cash using NFC relay – Week in Security with Tony Anscombe

The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become




c

CosmicBeetle steps up: Probation period at RansomHub

CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate




c

ESET Research Podcast: HotPage

ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver




c

Bitcoin ATM scams skyrocket – Week in security with Tony Anscombe

The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams




c

6 common Geek Squad scams and how to defend against them

Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks




c

AI security bubble already springing leaks

Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one




c

ESET Research Podcast: EvilVideo

ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos




c

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023

ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine




c

CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe

ESET researchers also find that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends




c

Understanding cyber-incident disclosure

Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help




c

Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)

How do analyst relations professionals sort through the noise to help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.




c

Time to engage: How parents can help keep their children safe on Snapchat

Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app




c

FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe

With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process




c

Don’t panic and other tips for staying safe from scareware

Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics




c

Cybersecurity Awareness Month needs a radical overhaul – it needs legislation

Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices




c

Gamaredon's operations under the microscope – Week in security with Tony Anscombe

ESET research examines the group's malicious wares as used to spy on targets in Ukraine in the past two years




c

Separating the bee from the panda: CeranaKeeper making a beeline for Thailand

ESET Research details the tools and activities of a new China-aligned threat actor, CeranaKeeper, focusing on massive data exfiltration in Southeast Asia




c

Why system resilience should mainly be the job of the OS, not just third-party applications

Building efficient recovery options will drive ecosystem resilience