Hello.

The contemporary smartphone is no longer a mere communication utility. It has evolved into a primary financial terminal, our decentralized workplace, and the literal repository of digital identities. These devices are carried with an intimacy we accord no other technology, treating them as trusted extensions of our daily lives. There was a time when cybersecurity was primarily an organizational concern. It belonged to IT departments, security teams, and large enterprises ta

Digital transformation is reshaping how governments deliver services to citizens. As operations move to the cloud, automated portals, and interconnected networks, public service efficiency reaches unprecedented heights. However, this shift expands the digital attack surface. To support this evolving reality, ESET Nigeria recently concluded a comprehensive Cybersecurity Capacity Building and Optimization Programme for staff of Lagos State Government Ministries, Departments, an

Many manufacturing plants depend on OT systems that stay in service for many years. That long run can hide significant cybersecurity risks. In a manufacturing plant built around uptime, a machine that has run the same physical process for years with barely a hiccup earns something less commonly discussed than a track record of throughput: institutional trust. Over time, such quiet reliability has a way of making a certain kind of scrutiny feel unnecessary, to the point that t

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced stealthiness ESET researchers have discovered two as-yet undocumented Windows variants of SprySOCKS, a previously Linux-only backdoor reportedly used by FishMonger, the group believed to be operated by a Chinese contractor named I‑SOON. While we initially discovered the malware samples on VirusTotal, ESET telemetry shows real activity between 2023 and 2024, w

A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages Much has been written about how the days of phishing emails laden with broken grammar and crude design are numbered, largely thanks to AI. Meanwhile, EvilTokens offers a somewhat different example of how far the phishing craft has moved. EvilTokens is a phishing-as-a-service (PhaaS) kit built to compromise Microsoft 36

A shift in operational pattern of the infamous Vietnam-aligned APT group Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations while placing increasing emphasis on domestic espionage. We identified two distinct campaigns involving the SPECTRALVIPER backdoor: a supply-chain attack targeting stock investors in Vietnam and a prolonged e

A company that's expecting a cyberattack but hasn’t actively prepared for it risks making the hardest decisions at the worst possible moment “Fix the roof while the sun is shining.” – proverb Cybersecurity has a familiar way of saying the storm will come: “a breach is a matter of when, not if.” While the industry’s sternest maxim has probably never been more true, it sometimes feels as though it’s also lost some of its edge over the years. While everyone agrees that there cou

Every organisation gets audited. The question is who does the auditing. There’s one cognitive bias that we humans are prone to, and it lies at the centre of some of the challenges that cybersecurity professionals face every day. It’s known as the normalcy bias – what Dr. Lauren Braithwaite defines as “our tendency to underestimate the possibility of disaster and believe that life will continue as normal, even in the face of significant threats or crises.” It's why people hesi

Your child’s first data breach may happen before they’ve even opened a bank account. Here’s how to keep their digital life safe. When we talk about cybersecurity and digital safety in the context of our children, it’s often framed in one of two ways. Either it’s about inappropriate or unsafe content – of the sort that COPPA is meant to regulate in the US. Or it’s about managing the psychological and social impacts of excessive screen time. But there’s an elephant in the room.

Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe. For better or worse, chatbots are changing the way we think, learn and perceive the world around us. This kind of disruption is manifest in many areas of life, but perhaps one of the most sensitive and often concerning is the growing use of generative AI (GenAI) tools for healthcare. Alongside a number of freely availabl