Hello.

NOTE: The views and opinions expressed in this blog post are those of ESET and do not necessarily reflect the views or positions of the MITRE Corporation. The hidden treasure in the latest MITRE ATT&CK® Enterprise Evaluation is in the summaries and data deep-dives, not in headlines from vendors with high sales intent, under pressure to “sell” Detection & Response. As a result, even astute readers may miss the forest for the trees, seeing only individual performances and yet-t

Identity is effectively the new network boundary. It must be protected at all costs. What do M&S and Co-op Group have in common? Aside from being among the UK’s most recognizable high street retailers, they were both recently the victims of a major ransomware breach. They were also both targeted by vishing attacks that elicited corporate passwords , providing their extorters with a critical foothold in the network. These identity-related breaches cost the two retailers over £

The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats ESET researchers have discovered what they called "the first known AI-powered ransomware". The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt and possibly even destroy data, though this last functionality appears not to have been implemented in the malware yet. While PromptLock was not spotted in actual attacks and is instead though

How top-tier managed detection and response (MDR) can help organizations stay ahead of increasingly agile and determined adversaries.   How long does it take for threat actors to move from initial access to lateral movement? Days? Hours? Unfortunately, the answer for many organizations is increasingly “minutes.” In fact, at 48 minutes, the average breakout time in 2024 was 22% shorter than the previous year, according to one report . Adding to the concerns is another figure f

AI deepfakes used for sextortion highlight a growing problem with consumer privacy — but are we ready to forgo our online comforts for...

Professional services ensure success for their clients, but what about their own livelihoods? Their access is their bane, as threat...

Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to...

Let’s set the record straight and see why encryption is the cornerstone of company security. For businesses, encryption is more than...

With the evolution of threats, the definition of essential security is changing, and advanced tools are needed. The evolution of...

Security for local servers remains a critical aspect of an organization’s overall cybersecurity strategy. Despite the popularity of...