OSINT 101: What is open source intelligence and how is it used?

OSINT can be used by anyone, both for good and bad ends – here’s how defenders can use it to keep ahead of attackers

The cybersecurity industry often gets obsessed with technology: the latest exploits, hacking tools and threat hunting software. In reality, a lot comes down to people. It’s people who develop malware, people…
Most health apps engage in unhealthy data‑harvesting habits

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent

As many as 88 percent of almost 21,000 mobile health (mHealth) applications that are accessible on the Google Play Store from Australia include code that can access and even share users’ personal data with third parties,…
5 essential things to do before ransomware strikes

By failing to prepare you are preparing to fail – here’s what you can do today to minimize the impact of a potential ransomware attack in the future

While more concerted efforts from various anti-ransomware groups continue to bring pressure to bear on ransomware operators, successful attacks are still making the headlines. It’s not just…
State‑sponsored or financially motivated: Is there any difference anymore?

What does the increasingly fuzzy line between traditional cybercrime and attacks attributed to state-backed groups mean for the future of the threat landscape?

Governments have always conducted offensive cyber-operations. But over the past few years, campaigns have seemed to grow in audacity and volume. The headlines scream about “state-sponsored” or “nation state” raids targeting everything…
How to tell if a website is safe

It can be difficult to tell a legitimate website apart from an unsafe one – follow these steps to identify and protect yourself from bad websites

You probably visit tens, if not hundreds, of websites daily. You read a news article here, check your social media there, then you watch a TV show on a…
Google fixes actively exploited Chrome zero‑day

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions

Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and…
Tracking ransomware cryptocurrency payments: What now for Bitcoin?

Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent?

Earlier this week, the Department of Justice announced it seized around $2.3 million worth of bitcoin (BTC 63.7) collected in the BTC 75 payment for Colonial Pipeline ransomware. Does this…
Vishing: What is it and how do I avoid getting scammed?

How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business?

We’ve all heard of phishing, the tried-and-tested email scam that spoofs authoritative sources to trick recipients into handing over sensitive information or downloading malware. Well, vishing is its voice call equivalent. It’s…
ESET Threat Report T1 2021

A view of the T1 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

During the first four months of this year, the COVID-19 pandemic was still the number one news topic around the world; however, it became notably less prominent in the threat landscape.…
BackdoorDiplomacy: Upgrading from Quarian to Turian

ESET researchers discover a new campaign that evolved from the Quarian backdoor

Executive summary

An APT group that we are calling BackdoorDiplomacy, due to the main vertical of its victims, has been targeting Ministries of Foreign Affairs and telecommunication companies in Africa and the Middle East since at least 2017. For initial infection vectors, the…