Information

20 Mar

EDR killers explained: Beyond the drivers

Information

In recent years, EDR killers have become one of the most commonly seen tools in modern ransomware intrusions: an attacker acquires high privileges, deploys such a tool to disrupt protection, and only then launches the encryptor. Besides the dominating Bring Your Own Vulnerable Driver (BYOVD) technique, we also see attackers frequently abusing legitimate anti-rootkit utilities or using driverless approaches to block the communication of endpoint detection and response (EDR) software or suspend it in place.…

Read More
19 Mar

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Information, Insights

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline. Image: Shutterstock, @Elzicon. The Justice…

Read More
15 Mar

Loblaw Data Breach Impacts Customer Information

Data Breaches, Information, News

Canadian retailer Loblaw has disclosed a data breach after threat actors gained access to customer information. Loblaw is one of Canada’s largest food and pharmacy retailers. It operates over 2,400 stores across Canada and owns brands such as Shoppers Drug Mart, No Frills, Real Canadian Superstore, and President’s Choice. In a brief data breach notice the company said it recently discovered that a “criminal third-party” accessed basic customer information such as names, email addresses, and…

Read More
14 Mar

Face value: What it takes to fool facial recognition

Information

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he’ll demo it all at RSAC 2026 Tomáš Foltýn 13 Mar 2026  •  , 2 min. read Facial recognition is increasingly embedded in everything from airport boarding gates to bank onboarding flows. The widely-held assumption is that a face is hard to fake and that matching a live face to a trusted source is a reliable identity…

Read More
13 Mar

Cyber fallout from the Iran war: What to have on your radar

Information

The war in Iran was less than 24 hours old when it produced a historic first: the deliberate targeting of commercial data centers. On March 1st, Iranian drones hit three Amazon Web Services (AWS) facilities in the United Arab Emirates and Bahrain, disrupting core cloud infrastructure and knocking out finance apps and enterprise tools not only across the Gulf, but also far away from the region. The attacks showed that physical distance from a conflict…

Read More
11 Mar

Sednit reloaded: Back in the trenches

Information

Since April 2024, Sednit’s advanced development team has reemerged with a modern toolkit centered on two paired implants, BeardShell and Covenant, each using a different cloud provider for resilience. This dual‑implant approach enabled long‑term surveillance of Ukrainian military personnel. Interestingly, these current toolsets show a direct code lineage to the group’s 2010‑era implants. Key points of this blogpost: ESET researchers traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where…

Read More
11 Mar

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

Information, Insights

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency. Based in Kalamazoo, Michigan, Stryker [NYSE:SYK] is…

Read More
10 Mar

Microsoft Patch Tuesday, March 2026 Edition

Information, Insights

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day” flaws this month (compared to February’s five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month’s Patch Tuesday. Image: Shutterstock, @nwz. Two of the bugs Microsoft patched today were publicly disclosed previously. CVE-2026-21262 is a…

Read More
08 Mar

How AI Assistants are Moving the Security Goalposts

Information, Insights

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker…

Read More
07 Mar

What cybersecurity actually does for your business

Information

Business Security The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed Tomáš Foltýn 06 Mar 2026  •  , 5 min. read Cybersecurity is one of the few business functions where success is typically quiet. From the outside, it may even look uneventful. On the inside, however, it reflects a sequence of seemingly unremarkable processes and controls doing what they were designed…

Read More