In Memoriam: John McAfee

In Memoriam: John McAfee

What was it like to work for, and be friends with, the larger-than-life technology entrepreneur back when he helped shape the computer security industry? Editor’s note: The views expressed in this article are solely those of the author and do not necessarily reflect the views of WeLiveSecurity and ESET. This is probably not the first…
Microsoft takes down large‑scale BEC operation

Microsoft takes down large‑scale BEC operation

The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information Microsoft has shut down a sprawling Business Email Compromise (BEC) operation that had its infrastructure hosted in several web services. Using these cloud-based assets, the threat actors infiltrated hundreds of mailboxes across multiple organizations and…
OSINT 101: What is open source intelligence and how is it used?

OSINT 101: What is open source intelligence and how is it used?

OSINT can be used by anyone, both for good and bad ends – here’s how defenders can use it to keep ahead of attackers The cybersecurity industry often gets obsessed with technology: the latest exploits, hacking tools and threat hunting software. In reality, a lot comes down to people. It’s people who develop malware, people…
Most health apps engage in unhealthy data‑harvesting habits

Most health apps engage in unhealthy data‑harvesting habits

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent As many as 88 percent of almost 21,000 mobile health (mHealth) applications that are accessible on the Google Play Store from Australia include code that can access and even share users’ personal data with third parties,…
5 essential things to do before ransomware strikes

5 essential things to do before ransomware strikes

By failing to prepare you are preparing to fail – here’s what you can do today to minimize the impact of a potential ransomware attack in the future While more concerted efforts from various anti-ransomware groups continue to bring pressure to bear on ransomware operators, successful attacks are still making the headlines. It’s not just…
State‑sponsored or financially motivated: Is there any difference anymore?

State‑sponsored or financially motivated: Is there any difference anymore?

What does the increasingly fuzzy line between traditional cybercrime and attacks attributed to state-backed groups mean for the future of the threat landscape? Governments have always conducted offensive cyber-operations. But over the past few years, campaigns have seemed to grow in audacity and volume. The headlines scream about “state-sponsored” or “nation state” raids targeting everything…
How to tell if a website is safe

How to tell if a website is safe

It can be difficult to tell a legitimate website apart from an unsafe one – follow these steps to identify and protect yourself from bad websites You probably visit tens, if not hundreds, of websites daily. You read a news article here, check your social media there, then you watch a TV show on a…
Google fixes actively exploited Chrome zero‑day

Google fixes actively exploited Chrome zero‑day

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and…
Tracking ransomware cryptocurrency payments: What now for Bitcoin?

Tracking ransomware cryptocurrency payments: What now for Bitcoin?

Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent? Earlier this week, the Department of Justice announced it seized around $2.3 million worth of bitcoin (BTC 63.7) collected in the BTC 75 payment for Colonial Pipeline ransomware. Does this…
Vishing: What is it and how do I avoid getting scammed?

Vishing: What is it and how do I avoid getting scammed?

How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business? We’ve all heard of phishing, the tried-and-tested email scam that spoofs authoritative sources to trick recipients into handing over sensitive information or downloading malware. Well, vishing is its voice call equivalent. It’s…