WhatsApp flaw used to install spyware by simply calling the target
A security vulnerability in the popular Facebook-owned end-to-end encrypted messaging app WhatsApp allowed attackers to install spyware on smartphones without any user …
Researchers discover highly stealthy Microsoft Exchange backdoor
An extremely stealthy Microsoft Exchange backdoor can read, modify or block emails going through the compromised mail server and even compose and send new emails. LightNeuron …
ESET and Chronicle provide validation on security incidents and alerts within Backstory
ESET, a global leader in cybersecurity, announced it has partnered with Chronicle, an Alphabet company, to provide essential validation on security incidents and alerts within …
Businesses have cybersecurity best practice guidelines but fail in practice
Almost 70% of companies have cybersecurity best practice guidelines in place but neglect to take the necessary steps to secure their business. A staggering 44% of businesses …
Critical FaceTime bug turns iPhones, Macs into eavesdropping tools
A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently …
773 million records exposed in massive data breach
Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for …
Android Trojan steals money from victims’ PayPal account
ESET researchers have unearthed a new Android Trojan that tricks users into logging into PayPal, then takes over and mimics the user’s clicks to send money to the attacker’s …
Old and new OpenSSH backdoors threaten Linux servers
OpenSSH, a suite of networking software that allows secure communications over an unsecured network, is the most common tool for system administrators to manage rented Linux …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
GreyEnergy group targeting critical infrastructure with espionage
ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in …
Researchers link Industroyer to NotPetya
ESET researchers believe they have found evidence that the TeleBots APT was behind the December 2016 attacks against the Ukraine energy sector that resulted in blackouts …
LoJax: First-ever UEFI rootkit detected in a cyberattack
ESET researchers have discovered a cyberattack that used a UEFI rootkit to establish a presence on the victims’ computers. Dubbed LoJax, this rootkit was part of a campaign …
Featured news
Resources
Don't miss
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption