5 free OSINT tools for social media
A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms
The post 5 free OSINT tools for social media appeared first on WeLiveSecurity
Tricks of the trade: How a cybercrime ring operated a multi‑level fraud scheme
A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys
The post Tricks of the trade: How a cybercrime ring operated a multi‑level fraud scheme appeared first...
How an innocuous app morphed into a trojan – Week in security with Tony Anscombe
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool
The post How an innocuous app morphed into a trojan – Week in security with Tony Anscombe appeared first on...
Shedding light on AceCryptor and its operation
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families
The post Shedding light on AceCryptor and its operation appeared first on WeLiveSecurity
Digital security for the self‑employed: Staying safe without an IT team to help
Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business
The post Digital security for the self‑employed: Staying safe without an IT team to help appeared first on WeLiveSecurity
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio
The post Android app breaking bad: From legitimate screen recording to file exfiltration within a year appeared first on WeLiveSecurity
The real cost of a free lunch – Week in security with Tony Anscombe
Don't download software from non-reputable websites and sketchy links – you might be in for more than you bargained for
The post The real cost of a free lunch – Week in security with Tony Anscombe appeared first on...
5 useful search engines for internet‑connected devices and services
A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet
The post 5 useful search engines for internet‑connected devices and services appeared first on WeLiveSecurity
Meet “AI”, your new colleague: could it expose your company’s secrets?
Before rushing to embrace the LLM-powered “hire”, make sure your organization has safeguards in place to avoid putting its business and customer data at risk
The post Meet “AI”, your new colleague: could it expose your company’s secrets? appeared first...
You may not care where you download software from, but malware does
Why do people still download files from sketchy places and get compromised as a result?
The post You may not care where you download software from, but malware does appeared first on WeLiveSecurity
Key findings from ESET’s new APT Activity Report – Week in security with Tony Anscombe
What have some of the world's most infamous advanced threat actors been up to and what might be the implications of their activities for your business?
The post Key findings from ESET’s new APT Activity Report – Week in security...
Why you need parental control software – and 5 features to look for
Strike a balance between making the internet a safer place for your children and giving them the freedom to explore, learn and socialize
The post Why you need parental control software – and 5 features to look for appeared first...
Turning on stealth mode: 5 simple strategies for staying under the radar online
Have your cake and eat it too – enjoy some of what the online world has to offer without always giving out your contact details
The post Turning on stealth mode: 5 simple strategies for staying under the radar online...
ESET APT Activity Report Q4 2022–Q1 2023
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2022 and Q1 2023
The post ESET APT Activity Report Q4 2022–Q1 2023 appeared first on WeLiveSecurity
How the war in Ukraine has been a catalyst in private‑public collaborations
As the war shows no signs of ending and cyber-activity by states and criminal groups remains high, conversations around the cyber-resilience of critical infrastructure have never been more vital
The post How the war in Ukraine has been a catalyst...
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites.
The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...
Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
Not to be confused with K-Pop sensation BLACKPINK, gang pops military, govt and education orgs Dark Pink, a suspected nation-state-sponsored cyber-espionage group, has expanded its list of targeted organizations, both geographically and by sector, and has carried out at...
Feds, you’ll need a warrant for that cellphone border search
Here's a story with a twist A federal district judge has ruled that authorities must obtain a warrant to search an American citizen's cellphone at the border, barring exigent circumstances.…
Smashing Security podcast #324: .ZIP domains, AI lies, and did social media inflame a riot?
height="315" class="aligncenter size-full wp-image-292324" />
ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?
All this and...
