CyberSecure Specialist

Martin Rees: Post-human intelligence – a cosmic perspective | Starmus highlights

WeLiveScience Take a moment to think beyond our current capabilities and consider what might come next in the grand story of evolution Tomáš Foltýn 03 Mar 2025 Martin Rees, a leading figure in contemporary astrophysics, blends scientific insight with philosophical depth as he challenges us to reflect on the evolving role of humans in space exploration and, indeed, on what might come next in the grand story of evolution. After opening with a brief look…

Read More

AI-driven deception: A new face of corporate fraud

Business Security Malicious use of AI is reshaping the fraud landscape, creating major new risks for businesses Phil Muncaster 10 Mar 2025  •  , 4 min. read Artificial intelligence (AI) is doing wonderful things for many businesses. It’s helping to automate repetitive tasks for efficiency and cost savings. It’s supercharging customer service and coding. And it’s helping to unearth insight to drive improved business decision-making. Way back in October 2023, Gartner estimated that 55% of…

Read More

Kids behaving badly online? Here’s what parents can do

Kids Online By taking time to understand and communicate the impact of undesirable online behavior, you can teach your kids an invaluable set of life lessons for a new digital age Phil Muncaster 05 Mar 2025  •  , 5 min. read There has always been a cultural gap between parents and their children. But arguably this divide has grown over the past decade or more as digital natives are born with no concept of a…

Read More

CISA Releases Guidance on Credential Risks Associated with Potential Legacy Oracle Cloud Compromise

CISA is aware of public reporting regarding potential unauthorized access to a legacy Oracle cloud environment. While the scope and impact remains unconfirmed, the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across separate, unaffiliated systems, or embedded (i.e., hardcoded into scripts, applications, infrastructure templates, or automation tools). When credential material is embedded, it is difficult to discover and can enable long-term unauthorized…

Read More

Don’t let cybercriminals steal your Spotify account

Spotify boasts almost 700 million active users, including 265 million premium subscribers. As the world’s leading music streaming service, it’s hardly surprising that it also attracts all manner of bad actors who are eager to exploit its users. Spotify accounts represent valuable digital assets that can be monetized through multiple channels, including on the dark web and the shadowy corners of Telegram. While discounted compared to legitimate subscription costs, the going prices of hacked Spotify…

Read More

Attacks on the education sector are surging: How can cyber-defenders respond?

Business Security Academic institutions have a unique set of characteristics that makes them attractive to bad actors. What’s the right antidote to cyber-risk? Phil Muncaster 14 Apr 2025  •  , 5 min. read We all want the best possible education for our children. But even the best-laid plans can come unstuck when confronted with an agile, persistent and devious adversary. Nation state-aligned actors and cybercriminals represent one of the biggest threats to schools, colleges and…

Read More

When IT meets OT: Cybersecurity for the physical world

Critical Infrastructure While relatively rare, real-world incidents impacting operational technology highlight that organizations in critical infrastructure can’t afford to dismiss the OT threat Phil Muncaster 14 Mar 2025  •  , 4 min. read Amid all the high-profile data breaches and ransomware attacks on IT systems in recent years, the threat to business-critical operational technology (OT) is still often underestimated. Yet attacking tech systems that interface with the physical world is the quickest way to achieve…

Read More

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each year by the Department of Homeland Security — expires on April 16. A letter from MITRE vice president Yosry Barsoum,…

Read More

AI’s biggest surprises of 2024 | Unlocked 403 cybersecurity podcast (S2E1)

Here’s what’s been hot on the AI scene over the past 12 months, how it’s changing the face of warfare, and how you can fight AI-powered scams 17 Mar 2025 The second season of the Unlocked 403 cybersecurity podcast kicks off with a familiar face – ESET Security Evangelist Ondrej Kubovič, who also appeared on the podcast’s inaugural episode. Picking up where they left off this time last year, Becks and Ondrej discuss what’s been…

Read More

Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor

In August 2024, ESET researchers detected cyberespionage activity carried out by the China-aligned MirrorFace advanced persistent threat (APT) group against a Central European diplomatic institute in relation to Expo 2025, which will be held in Osaka, Japan. Known primarily for its cyberespionage activities against organizations in Japan, to the best of our knowledge, this is the first time MirrorFace intended to infiltrate a European entity. The campaign, which we uncovered in Q2 and Q3 of…

Read More