Information

The attack involved the first recorded abuse of a security vulnerability in a Dell driver that was patched in May 2021 This week, the ESET Research team has published the results of their analysis of recent attacks carried out by the Lazarus APT group. Using spear-phishing emails that contained malicious Amazon-themed documents, the group targeted an employee of an aerospace company in the Netherlands and a political journalist in Belgium. Notably, one of the tools…

As each new smart home device may pose a privacy and security risk, do you know what to look out for before inviting a security camera into your home? Security cameras were once the preserve of the rich and famous. Now anyone can get their hands on one thanks to technological advances. The advent of the Internet of Things (IoT) has created a  major new market – for manufacturers of devices like connected doorbells and…

Next time you’re tempted to hold off on installing software updates, remember why these updates are necessary in the first place Technology enables us to do wonderful things. The PCs and mobile devices at the center of our digital world are an indispensable part of our personal and working lives. They offer us a gateway to social media, online banking, media streaming, instant messaging, fitness tracking and much else besides. Depending on your circumstances they…

by Paul Ducklin Cryptoguru Bruce Schneier (where crypto means cryptography, not the other thing!) just published an intriguing note on his blog entitled On the Randomness of Automatic Card Shufflers. If you’ve ever been to a casino, at least one in Nevada, you’ll know that the blackjack tables don’t take chances with customers known in the trade as card counters. That term is used to refer to players who have trained their memories to the…

by Paul Ducklin Apple’s latest collection of security updates has arrived, including the just-launched macOS 13 Ventura, which was accompanied by its own security bulletin listing a whopping 112 CVE-numbered security holes. Of those, we counted 27 arbitrary code execution holes, of which 12 allow rogue code to be injected right into the kernel itself, and one allows untrusted code to be run with system privileges. On top of that, there are two elevation-of-privilege (EoP)…

A view of the T2 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts The past four months were the time of summer vacations for many of us in the northern hemisphere. It appears that some malware operators also took this time as an opportunity to possibly rest, refocus, and reanalyze their current procedures and activities. According to our telemetry, August was a vacation month…

Healthy habits that are instilled and nurtured at an early age bring lifelong benefits – the same applies to good cybersecurity habits It’s October, it’s Cybersecurity Awareness Month (CSAM), and with it the annual deluge of articles about phishing, passwords, protecting personal data and such like that will be hitting your inboxes very soon (if they have not already landed). The underlying message behind CSAM is the need to be cyber-vigilant and to educate the…

A look back on the key trends and developments that shaped the cyberthreat landscape from May to August of this year The ESET research team has just released its latest Threat Report, and in this week’s video, Tony summarizes the report’s main takeaways. What trends and developments shaped the threat landscape between May and August of this year? What were the top threats and what trended downwards? What else do the numbers say? What does…