Information

ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we believe has been operating since at least 2018. The attackers deliver a sophisticated implant, which we named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software. Key points in this blogpost: We discovered the NSPX30 implant being deployed via the update mechanisms of legitimate software such as Tencent QQ,…

Scams As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection Cameron Camp 23 Jan 2024  •  , 4 min. read Would you fall for a faked call from your CEO asking you to wire money? As our colleague Jake Moore found out, you might. As computers with spare compute cycles get…

Video The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings 19 Jan 2024 The job of a chief information security officer (CISO) is becoming increasingly stressful, to the point that some security leaders are seeking out more peaceful career paths. Indeed, as many as 46 percent of CISOs are considering leaving cybersecurity, according to a recent survey. This comes as…

Scams Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims Phil Muncaster 18 Jan 2024  •  , 4 min. read It’s every parent’s worst nightmare. You get a call from an unknown number and on the other end of the line hear your child crying out for help. Then their ‘kidnapper’ comes on the line demanding a ransom or you will never…

Scams, Digital Security Here are some scams you may encounter on the shopping juggernaut, plus a few simple steps you can take to help safeguard your data while bagging that irresistible deal Phil Muncaster 17 Jan 2024  •  , 5 min. read If you’re on social media or use Google Shopping, the chances are you’ve been bombarded with adverts for Temu, a Chinese e-commerce marketplace that offers rock-bottom prices compared to equivalents in the West.…

Business Security By eliminating these mistakes and blind spots, your organization can take massive strides towards optimizing its use of cloud without exposing itself to cyber-risk Phil Muncaster 16 Jan 2024  •  , 5 min. read Cloud computing is an essential component of today’s digital landscape. IT infrastructure, platforms and software are more likely to be delivered today as a service (hence the acronyms IaaS, PaaS and SaaS, respectively) than in a traditional on-premises configuration.…

Business Security How wearing a ‘sock puppet’ can aid the collection of open source intelligence while insulating the ‘puppeteer’ from risks Mario Micucci 11 Jan 2024  •  , 4 min. read In the untold expanse of online information and communication, the ability to find the signal in the noise and discern the authenticity of data and its sources becomes increasingly critical. We’ve previously looked at the mechanics of open source intelligence (OSINT), the practice of…