Weekly Update 404
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. What a week! The…
Security
How can a Bitcoin wallet get scammed?
Cryptocurrency is the latest and very alluring online interest for cybercriminals to attempt to hack. While Bitcoin is the most…
How did someone hijack my TikTok profile and scam others?
Just as any social media platform, personal profiles on TikTok can be hacked and then used to try to scam…
ESET Research Podcast: APT Activity Report Q4 2023–Q1 2024
The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive…
How Arid Viper spies on Android users in the Middle East – Week in security with Tony Anscombe
The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app,…
Adobe Critical Security Updates June 2024
In June 2024, Adobe released security updates addressing 13 critical vulnerabilities in software like Experience Manager, Adobe Commerce, Photoshop, etc.…
Friday Squid Blogging: Squid Cartoon
Squid humor. As usual, you can also use this squid post to talk about the security stories in the news…
Demo of AES GCM Misuse Problems
This is really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode.
The Story of Mis-Tech: Ep 1: Hit with a Cyberattack and Panic Ensues
The security room of Mis-Tech was silent. John, the CISO, was keeping a cool face while freaking out inside. “Where…
Arid Viper poisons Android apps with AridSpy
ESET researchers discovered Arid Viper espionage campaigns spreading trojanized apps to Android users in Egypt and Palestine