Information

Business Security Blindly trusting your partners and suppliers on their security posture is not sustainable – it’s time to take control through effective supplier risk management Phil Muncaster 25 Jan 2024  •  , 5 min. read The world is built on supply chains. They are the connective tissue that facilitates global trade and prosperity. But these networks of overlapping and inter-related companies are increasingly complex and opaque. Most involve the supply of software and digital…

Video The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK 26 Jan 2024 This week, ESET researchers released their findings about an attack where a previously unknown threat actor deployed a sophisticated multistage implant, which ESET named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software such as Tencent QQ, WPS Office, and Sogou Pinyin. Blackwood, the name…

ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we believe has been operating since at least 2018. The attackers deliver a sophisticated implant, which we named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software. Key points in this blogpost: We discovered the NSPX30 implant being deployed via the update mechanisms of legitimate software such as Tencent QQ,…

Scams As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection Cameron Camp 23 Jan 2024  •  , 4 min. read Would you fall for a faked call from your CEO asking you to wire money? As our colleague Jake Moore found out, you might. As computers with spare compute cycles get…

Video The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings 19 Jan 2024 The job of a chief information security officer (CISO) is becoming increasingly stressful, to the point that some security leaders are seeking out more peaceful career paths. Indeed, as many as 46 percent of CISOs are considering leaving cybersecurity, according to a recent survey. This comes as…

Scams Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims Phil Muncaster 18 Jan 2024  •  , 4 min. read It’s every parent’s worst nightmare. You get a call from an unknown number and on the other end of the line hear your child crying out for help. Then their ‘kidnapper’ comes on the line demanding a ransom or you will never…