WeLiveSecurity

Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine

Long known to be a sweet spot for cybercriminals, small businesses are more likely to be victimized by ransomware than large enterprises

HybridPetya is the fourth publicly known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality

UEFI copycat of Petya/NotPetya exploiting CVE-2024-7344 discovered on VirusTotal

As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door locked tight

Given the serious financial and reputational risks of incidents that grind business to a halt, organizations need to prioritize a prevention-first cybersecurity strategy

As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your data protection strategy is fit for purpose

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS module that manipulates Google search results

From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities in Europe, August 2025 saw no shortage of impactful cybersecurity news

Cyberbullying is a fact of life in our digital-centric society, but there are ways to push back

The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats

Separating truth from fiction is the first step towards making better parenting decisions. Let’s puncture some of the most common misconceptions about online harassment.

How top-tier managed detection and response (MDR) can help organizations stay ahead of increasingly agile and determined adversaries

Can you tell the difference between legitimate marketing and deepfake scam ads? It’s not always as easy as you may think.

Does your business truly understand its dependencies, and how to mitigate the risks posed by an attack on them?

Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think

The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets

A sky-high premium may not always reflect your company’s security posture

Is your phone suddenly flooded with aggressive ads, slowing down performance or leading to unusual app behavior? Here’s what to do.

Who’s to blame when the AI tool managing a company’s compliance status gets it wrong?

Success in cybersecurity is when nothing happens, plus other standout themes from two of the event’s keynotes

Threat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another

Here’s what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much

Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity

Here’s a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025

Not all browser add-ons are handy helpers – some may contain far more than you have bargained for

The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks

ESET Research has been monitoring attacks involving the recently discovered ToolShell zero-day vulnerabilities

Before rushing to prove that you’re not a robot, be wary of deceptive human verification pages as an increasingly popular vector for delivering malware