ESET Research
Latest Articles
Scams targeting NFT investors – Week in security with Tony Anscombe
As with everything digital, there's someone, somewhere devising a method to steal the assets away from their rightful owners
Cybersecurity: A global problem that requires a global answer
New and exacerbated cyber-risks following Russia’s invasion of Ukraine are fueling a new urgency towards enhancing resilience
ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit
Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution
5 reasons why GDPR was a milestone for data protection
The landmark regulation changed everyone’s mindset on how companies worldwide collect and use the personal data of EU citizens
Common NFT scams and how to avoid them
As NFTs exploded in popularity, scammers also jumped on the hype. Watch out for counterfeit NFTs, rug pulls, pump-and-dumps and other common scams plaguing the industry.
Cryptocurrency: secure or not? – Week in security with Tony Anscombe
When you hear the term ‘cryptocurrency’, does ‘secure’ also spring to mind? Here are some implications of the lack of sound security practices in the world of crypto.
Sandworm uses a new version of ArguePatch to attack targets in Ukraine
ESET researchers spot an updated version of the malware loader used in the Industroyer2 and CaddyWiper attacks
The flip side of the coin: Why crypto is catnip for criminals
Cybercriminals continue to mine for opportunities in the crypto space – here's what you should know about coin-mining hacks and crypto theft
Fake news – why do people believe it?
In the age of the perpetual news cycle and digital media, the risks that stem from the fake news problem are all too real
The downside of ‘debugging’ ransomware
The decision to release a ransomware decryptor involves a delicate balancing act between helping victims recover their data and alerting criminals to errors in their code
How to spot and avoid a phishing attack – Week in security with Tony Anscombe
Can you spot the tell-tale signs of a phishing attempt and check if an email that has landed in your inbox is legit?
10 reasons why we fall for scams
The ‘it won’t happen to me’ mindset leaves you unprepared – here are some common factors that put any of us at risk of online fraud
Opportunity out of crisis: Tapping the Great Resignation to close the cybersecurity skills gap
What can organizations do to capitalize on the current fluidity in the job market in order to bring fresh cybersecurity talent into the fold?
Common LinkedIn scams: Beware of phishing attacks and fake job offers
LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform
Defending against APT attacks – Week in security with Tony Anscombe
The conflict in Ukraine has highlighted the risks of cyberespionage attacks that typically involve Advanced Persistent Threat groups and often target organizations' most valuable data
There’s no sugarcoating it: That online sugar daddy may be a scammer
The bitter truth about how fraudsters dupe online daters in this new twist on romance fraud
3 most dangerous types of Android malware
Here's what you should know about some of the nastiest mobile malware around – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely
What’s behind the record‑high number of zero days?
Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity
TA410 under the microscope – Week in security with Tony Anscombe
Here's what you should know about FlowingFrog, LookingFrog and JollyFrog, the three teams making up the TA410 espionage umbrella group
A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity
ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.