Information

In this blogpost, ESET researchers provide an analysis of Spellbinder, a lateral movement tool for performing adversary-in-the-middle attacks, used by the China-aligned threat actor that we have named TheWizards. Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and redirecting the traffic of legitimate Chinese software so that it downloads malicious updates from a server controlled by the attackers.  Key points in this…

Read More

From the near-demise of MITRE’s CVE program to a report showing that AI outperforms elite red teamers in spearphishing, April 2025 was another whirlwind month in cybersecurity 29 Apr 2025 The past month has seen no shortage of impactful and disconcerting cybersecurity news, including an eleventh-hour turnaround that averted the shutdown of MITRE’s CVE program to a report showing that AI outperforms red team experts in spearphishing. In this edition of the monthly roundup, ESET…

Read More

Mobile Security Your iPhone isn’t necessarily as invulnerable to security threats as you may think. Here are the key dangers to watch out for and how to harden your device against bad actors. Phil Muncaster 28 Apr 2025  •  , 6 min. read Chances are high that many people think, “it’s an iPhone, so I’m safe”. Apple’s control over its device and app ecosystem has indeed historically been tight, with its walled-garden approach providing fewer…

Read More

Social Media Look out for AI-generated ‘TikDocs’ who exploit the public’s trust in the medical profession to drive sales of sketchy supplements 25 Apr 2025  •  , 3 min. read Once confined to research labs, generative AI is now available to anyone – including those with ill intentions, who use AI tools not to spark creativity, but to fuel deception instead. Deepfake technology, which can craft remarkably lifelike videos, images and audio, is increasingly becoming…

Read More

The form and quiz-building tool is a popular vector for social engineering and malware. Here’s how to stay safe. Phil Muncaster 23 Apr 2025  •  , 5 min. read When Google enters a particular market, it often means bad news for the incumbents. So it was with Google Forms, the tech giant’s form and quiz-building tool that launched in 2008. According to one estimate, it now has a market share of nearly 50%. However, with…

Read More

Digital Security What practical AI attacks exist today? “More than zero” is the answer – and they’re getting better. Cameron Camp 22 Apr 2025  •  , 3 min. read It was bound to happen – LLM tech gone rogue was bound to be brought to bear on innocent targets, after loitering along a grey area between good and evil, embodying the technological paradox where good, solid technology can be re-purposed for the nefarious. Here’s how…

Read More