ESET Research
Latest Articles
Hear no evil: Ultrasound attacks on voice assistants
How your voice assistant could do the bidding of a hacker – without you ever hearing a thing
7 tips for spotting a fake mobile app
Plus, 7 ways to tell that you downloaded a sketchy app and 7 tips for staying safe from mobile security threats in the future
API security in the spotlight – Week in security with Tony Anscombe
Given the reliance of today's digital world on APIs and the fact that attacks targeting them continue to rise sharply, API security cannot be an afterthought.
All eyes on APIs: Top 3 API security risks and how to mitigate them
As APIs are a favorite target for threat actors, the challenge of securing the glue that holds various software elements together is taking on increasing urgency
5 free OSINT tools for social media
A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms
Tricks of the trade: How a cybercrime ring operated a multi‑level fraud scheme
A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys
How an innocuous app morphed into a trojan – Week in security with Tony Anscombe
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool
Shedding light on AceCryptor and its operation
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families
Digital security for the self‑employed: Staying safe without an IT team to help
Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio
The real cost of a free lunch – Week in security with Tony Anscombe
Don't download software from non-reputable websites and sketchy links – you might be in for more than you bargained for
Top 5 search engines for internet‑connected devices and services
A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet
Meet “AI”, your new colleague: could it expose your company’s secrets?
Before rushing to embrace the LLM-powered hire, make sure your organization has safeguards in place to avoid putting its business and customer data at risk
You may not care where you download software from, but malware does
Why do people still download files from sketchy places and get compromised as a result?
Key findings from ESET’s new APT Activity Report – Week in security with Tony Anscombe
What have some of the world's most infamous advanced threat actors been up to and what might be the implications of their activities for your business?
Why you need parental control software – and 5 features to look for
Strike a balance between making the internet a safer place for your children and giving them the freedom to explore, learn and socialize
Turning on stealth mode: 5 simple strategies for staying under the radar online
Have your cake and eat it too – enjoy some of what the online world has to offer without always giving out your contact details
ESET APT Activity Report Q4 2022–Q1 2023
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2022 and Q1 2023
How the war in Ukraine has been a catalyst in private‑public collaborations
As the war shows no signs of ending and cyber-activity by states and criminal groups remains high, conversations around the cyber-resilience of critical infrastructure have never been more vital
APTs target MSP access to customer networks – Week in security with Tony Anscombe
The recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providers