Hackers could force locked iPhones to make contactless payments
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
Archives - September 2021
ESET Threat Report T2 2021
A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
CISA and NSA release guidance for securing VPNs
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks
Google releases emergency fix to plug zero‑day hole in Chrome
The emergency release comes a mere three days after Google’s previous update that plugged another 19 security loopholes
Bug in macOS Finder allows remote code execution
While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented
FamousSparrow: A suspicious hotel guest
Yet another APT group that exploited the ProxyLogon vulnerability in March 2021
Plugging the holes: How to prevent corporate data leaks in the cloud
Misconfigurations of cloud resources can lead to various security incidents and ultimately cost your organization dearly. Here’s what you can do to prevent cloud configuration conundrums.
European police dismantle cybercrime ring with ties to Italian Mafia
The group used phishing, BEC and other types of attacks to swindle victims out of millions
Numando: Count once, code twice
The (probably) penultimate post in our occasional series demystifying Latin American banking trojans.
Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws
The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML.
WhatsApp announces end‑to‑end encrypted backups
The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.
What is a cyberattack surface and how can you reduce it?
Discover the best ways to mitigate your organization's attack surface, in order to maximize cybersecurity.
Beware of these 5 common scams you can encounter on Instagram
From cybercriminal evergreens like phishing to the verification badge scam, we look at the most common tactics fraudsters use to trick their victims
Victims duped out of US$1.8 million by BEC and romance scam ring
Elderly men and women were the main targets of the romance scams operated by the fraudsters.
Howard University suffers cyberattack, suspends online classes in aftermath
The university suffered a ransomware attack; however, there is no evidence so far of data being accessed or stolen.
ProtonMail forced to log user’s IP address after order from Swiss authorities
Following the incident the company has updated its website and privacy policy to clarify its legal obligations to users
BladeHawk group: Android espionage against Kurdish ethnic group
ESET researchers have investigated a mobile espionage campaign that targets the Kurdish ethnic group and has been active since at least March 2020
A parent’s guide to smartphone security
Smartphones are kids’ trusty companions both in- and outside the classroom, and as they return to their desks, we’ve prepared some handy tips on how to keep their devices secure.
Twitter introduces new feature to automatically block abusive behavior
Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users.