A Slippery Slope: Beware of Winter Olympics Scams and Other Cyberthreats
Cybercriminals are gearing up for the Milano‑Cortina 2026 Winter Olympics, exploiting the event’s global visibility with a surge of phishing, fake ticket sites, malicious streaming platforms, and counterfeit apps. Past Games have seen state‑aligned actors deploy wiper malware and hacktivists leverage the spotlight for political messages, underscoring the Olympics’ appeal to threat actors. This year, scammers are also employing AI‑generated deepfakes, QR‑code phishing, and SEO poisoning to lure fans and volunteers into credential theft and financial fraud. Organizers and users are urged to stick to official channels and adopt robust security hygiene to mitigate these risks.
This Month in Security with Tony Anscombe – January 2026 Edition
In January 2026, ESET’s Tony Anscombe highlighted four major security incidents: Nike faced a ransomware claim involving 1.4 TB of data, cyber‑fraud surpassed ransomware as CEOs’ top concern, unsecured Zendesk support systems powered a massive spam campaign, and ServiceNow patched the...
DynoWiper Update: Technical Analysis and Attribution
ESET researchers identified a new data‑wiping malware, DynoWiper, used against a Polish energy company in December 2025. Technical analysis attributes the campaign to the Russian‑aligned Sandworm group with medium confidence, noting similarities to the previously observed ZOV wiper. The malware deployed...
Love? Actually: Fake Dating App Used as Lure in Targeted Spyware Campaign in Pakistan
ESET has uncovered a sophisticated Android spyware campaign that uses a fake dating app, GhostChat, to lure Pakistani users through romance‑scam tactics. The app presents locked female profiles with hard‑coded unlock codes, creating an illusion of exclusive access before installing...
Drowning in Spam or Scam Emails? Here’s Probably Why
Inbox overload of spam and scam messages is often traced to multiple technical and human factors. Recent data breaches, botnet‑driven campaigns, and lax email authentication expose addresses to malicious actors. Compromised accounts and aggressive marketing lists amplify the volume. Experts...
Common Apple Pay Scams, and How to Stay Safe
Apple Pay processes trillions of transactions annually, yet scammers exploit its popularity through social‑engineering tricks and NFC‑based malware. The most common frauds include phishing, marketplace overpayment, fake receipts, unsolicited payments, and public‑Wi‑Fi credential harvesting. Researchers observed a near‑doubling of NFC‑abusing...
Old Habits Die Hard: 2025’s Most Common Passwords Were as Predictable as Ever
In 2025, the password "123456" again topped global lists, accounting for a quarter of the 1,000 most‑used passwords and appearing across all age cohorts. NordPass and Comparitech data show numeric‑only passwords dominate, while the US and UK see "admin" and...
Is It Time for Internet Services to Adopt Identity Verification?
Australia has enacted a law prohibiting anyone under 16 from holding a social‑media account, forcing platforms to purge non‑compliant profiles. The move positions the country as a global test case for age‑based bans and sparks a broader debate on mandatory...
Your Personal Information Is on the Dark Web. What Happens Next?
A surge in data breaches and cyber‑crime tools has flooded the dark web with personal and financial information, with 1,732 incidents reported in the first half of 2025 alone. Threat actors leverage infostealer malware, AI‑generated phishing, and supply‑chain attacks to...
Credential Stuffing: What It Is and How to Protect Yourself
Credential stuffing exploits reused passwords by feeding leaked username‑password pairs into login forms across services. The technique surged as data breaches and infostealer malware supply vast credential caches, with 62% of Americans admitting frequent reuse. High‑profile incidents—35,000 PayPal accounts in...
This Month in Security with Tony Anscombe – December 2025 Edition
Tony Anscombe, ESET’s chief security evangelist, recaps the year’s most consequential cyber events in his December 2025 roundup. He highlights that U.S. organizations paid more than $2.1 billion in ransomware ransom from 2022‑2024, a figure FinCEN says only scratches the surface. The...
A Brush with Online Fraud: What Are Brushing Scams and How Do I Stay Safe?
Global e‑commerce sales are set to surpass $6.4 trillion in 2025, fueling intense competition on marketplace review systems. Brushing scams exploit this pressure by sending low‑value items to random addresses, then posting fabricated 5‑star reviews to inflate product rankings. Victims often...
LongNosedGoblin Tries to Sniff Out Governmental Affairs in Southeast Asia and Japan
ESET has identified a previously unknown China‑aligned advanced persistent threat (APT) group, dubbed LongNosedGoblin, targeting governmental entities in Southeast Asia and Japan. The group’s hallmark is the abuse of Windows Group Policy to distribute a suite of custom C#/.NET tools,...
ESET Threat Report H2 2025
The second half of 2025 saw AI‑driven malware become operational, highlighted by PromptLock, the first known AI‑generated ransomware. Lumma Stealer’s presence faded dramatically, with detections dropping 86% after its May disruption. CloudEyE (GuLoader) exploded in prevalence, increasing thirty‑fold and serving...
Black Hat Europe 2025: Was that Device Designed to Be on the Internet at All?
At Black Hat Europe 2025, Zero Science Lab highlighted a building‑management system used in over 1,000 global facilities that runs on an 18‑year‑old, publicly‑exposed software platform riddled with vulnerabilities. The talk traced the problem to a series of acquisitions that left security...
Black Hat Europe 2025: Reputation Matters – Even in the Ransomware Economy
At Black Hat Europe 2025, Max Smeets dissected LockBit’s ransomware‑as‑a‑service operation, revealing 194 affiliates and 80 successful ransom payments between 2022‑2024. He argued that reputation drives both victim and attacker behavior: companies that pay attract more media scrutiny, while ransomware...
Locks, SOCs and a Cat in a Box: What Schrödinger Can Teach Us About Cybersecurity
The article likens an organization’s unseen breach risk to Schrödinger’s cat, arguing that without active visibility a firm exists in a dual breached‑or‑not state. Recent high‑profile attacks by Scattered Spider on Marks & Spencer and Jaguar Land Rover illustrate long...
Seeking Symmetry During ATT&CK® Season: How to Harness Today’s Diverse Analyst and Tester Landscape to Paint a Security Masterpiece
The article maps the sprawling landscape of endpoint‑security analyst reports—from Gartner and Forrester market quadrants to AV‑Comparatives labs and MITRE ATT&CK Evaluations—showing how security leaders can stitch them together into a coherent picture. It likens the process to an artist’s...
The Big Catch: How Whaling Attacks Target Top Executives
Whaling attacks—spear‑phishing campaigns aimed at C‑suite leaders—are delivering multi‑million‑dollar losses, exemplified by a $8.7 million fraud that crippled Levitas Capital. Executives’ privileged access, time pressure, and public visibility make them prime targets for business‑email‑compromise schemes. The rise of generative AI now...