Hello.

ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI. ESET Research has discovered a new variant of the NGate malware family that abuses a legitimate Android application called HandyPay, instead of the previously leveraged NFCGate tool. The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated. As with previous iterations of NGate, t

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions. ESET researchers have discovered a previously undocumented China-aligned APT group that we named GopherWhisper. The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execute various backdoors in its arsenal. In the observed campaign, the threat actors targeted a governmental entity in Mon

A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability There’s a bit of a pattern in the history of organizational failures that repeats too often to be a coincidence: A system runs smoothly for a long stretch, causing everyone to grow confident in it. Almost invariably, this also quietly erodes the vigilance that kept the system running smoothly in the first place. And then the system fails – at the precise moment when everyone i

An attack is what you see, but a business operation is what you're up against In March 2024, an affiliate of the BlackCat ransomware gang took to a cybercrime forum with a complaint . They’d carried out the attack on Change Healthcare – one of the largest healthcare data breaches in U.S. history – but never got their cut of the $22 million ransom payment . BlackCat’s operators had taken the money and vanished, putting up a fake FBI seizure notice on their leak site to cover t

Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot. Receiving a data breach notice may have once been a rare event. With data breaches hitting record numbers, however, these notifications are no longer as surprising as they once were. In the US alone, there were 3,322 such breaches reported last year, resulting in nearly 280 million notices being emailed to victims. In Europe, daily incidents grew by 2

Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them. Japan has entered its annual tax filing and organizational change season, a period when companies generate a high volume of legitimate financial and HR‑related communications. A threat actor known as Silver Fox is actively exploiting this busy period by conducting a targeted spearphishing campaign against Japanese manufacturers and other businesses. The

When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle. In the realm of cybercrime, change is arguably the only constant. While cyber-extortion as a broader category of crime has proved its staying power, ransomware – its arguably most damaging ‘flavor’ – doesn’t live or die on encryption alone. The playbook of ‘yore’ largely involved locking files or systems and demanding payment for a decryption key,

Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. Can you imagine all of the things you’ll leave behind when your time is finally up? Heirlooms? Property? Other ‘tangibles’? Now just have a think about all of the digital assets you’re likely to leave for loved ones to manage. Email accounts, shared photos, passwords, playlists, social media profiles and smart devices. The difference is that these may be c

If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse. The worst thing you can do after falling victim to fraud is let your guard down. Online scammers only care about one thing: making money, so when new opportunities arise to do just that, they take them. It doesn’t matter if it involves re-victimizing someone who has already been defrauded, raising false hopes and exploiting th

What you do – and how fast – after an account is compromised often matters more than it may seem Cybercriminals go after people’s personal information across every kind of online platform, including WhatsApp , Instagram , LinkedIn , Roblox , YouTube and Spotify , not to mention finance apps. No online account is off the table. If one of your own accounts falls victim, the first priority is to avoid losing your cool and act immediately – the faster you move, the more of the