A new white paper from ESET uncovers the risks and opportunities of artificial intelligence for cyber-defenders

As the UK mulls new rules for ransomware disclosure, what would be the wider implications of such a move, how would cyber-insurance come into play, and how might cybercriminals respond?

Password leaks are increasingly common and figuring out whether the keys to your own kingdom have been exposed might be tricky – unless you know where to look

A facial recognition system misidentifies a woman in London as a shoplifter, igniting fresh concerns over the technology's accuracy and reliability

Ticketmaster seems to have experienced a data breach, with the ShinyHunters hacker group claiming to have exfiltrated 560 million customer data

The results of the 2024 European Cybersecurity Blogger Awards are in and the winner of the Best Cybersecurity Vendor Blog is... drumroll, please... WeLiveSecurity!

ESET researchers discovered Arid Viper espionage campaigns spreading trojanized apps to Android users in Egypt and Palestine

The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023

The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app

Understanding and preparing for the potential long-tail costs of data breaches is crucial for businesses that aim to mitigate the impact of security incidents

Why organizations of every size and industry should explore their cyber insurance options as a crucial component of their risk mitigation strategies

While AI can liberate us from tedious tasks and even eliminate human error, it's crucial to remember its weaknesses and the unique capabilities that humans bring to the table

Learn about the types of threats that 'topped the charts' and the kinds of techniques that bad actors leveraged most commonly in the first half of this year

Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?

As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?

Blanket bans on ransomware payments are a much-debated topic in cybersecurity and policy circles. What are the implications of outlawing the payments, and would the ban be effective?

Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters.

ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos

If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike

A purported ad blocker marketed as a security solution leverages a Microsoft-signed driver that inadvertently exposes victims to dangerous threats

Attackers abusing the EvilVideo vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files

Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by $2.22 million compared to those that didn't deploy these technologies

Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards

In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated

Unsurprisingly, many discussions revolved around the implications of the CrowdStrike outage, including the lessons it may have offered for bad actors

Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme

The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure

Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security

Demystifying CVE-2024-7262 and CVE-2024-7263

The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become

The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams

Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one

ESET researchers also find that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends

How do analyst relations professionals sort through the noise to help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.

With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process

Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices

ESET research examines the group's malicious wares as used to spy on targets in Ukraine in the past two years

ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms

Attributing a cyberattack to a specific threat actor is a complex affair, as evidenced by new ESET research published this week

The world needs more cybersecurity professionals – here are three great ways to give you an ‘in’ to the ever-growing and rewarding security industry

ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities

“Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online – and even be the start of a predatory relationship

The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year

Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024

Will's pick this week is Random String Utility by Dan Couture. This is an oldie but a goodie. This submission is from 2012 but still works just fine in R2022b (another testament to the... read more >>

Jiro's Pick this week is Happy Pi Day by Zhaoxu Liu / slandarer. I'm a couple of days late, but I wanted to highlight this set of cool visualizations by Zhaoxu for Pi Day. It's amazing to see so... read more >>

The ruling by U.S. District Judge John Koeltl in Manhattan on Friday came in a closely watched lawsuit that tested the ability of Internet Archive to lend out the works of writers and publishers protected by U.S. copyright laws.

“Earlier, there used to be the largest companies who were there to solve the customers’ problems. But now there are hundreds of startups that are coming up. We need to make sure we work together with them and build an ecosystem with them. We share with them our issues, and they come back and build the products with us together. And then we help them scale,” he said.

The Telecom Regulatory Authority of India (TRAI) has recommended that linear set-top boxes (STBs) be included in the PLI scheme to promote local manufacturing in the television broadcasting sector. The TRAI has also suggested conducting periodic reviews of indigenous components, factoring in local components in determining localisation levels under the PLI scheme, and reviewing investment outlays required for MSME manufacturing for selected equipment.