News

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I'm pleased to welcome the first new government onto Have I Been Pwned for 2021, Portugal. The Portuguese CSIRT, CERT.PT, now has full and free access to query their government domains across the entire scope of data in HIBP.

This is now the 12th government onboarded to HIBP and

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I honestly don't know where my time goes. I get up, have great plans for all the things I want to do then next minute, the day is gone. There's probably some hints in the range of different things I'm speaking about this week and the book is certainly now

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I seem to have spread myself across a whole heap of different things this week which is fine (it's all stuff I love doing), but it has made for rather a "varied" video. I'm talking (somewhat vaguely) about the book I'm working on, how Facebook has nuked all news in

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

As I progressively make my house smarter and smarter, I find I keep butting against the intersection of where smart stuff meets dumb stuff. Take light globes, for example, the simplest circuit you can imagine. Pass a current through it, light goes on. Kill the current, light goes off. We

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

This week has seen a lot of my time go on an all-new project. One I'm really excited about and is completely different to everything I've done before; I expect I'll be able to talk about that in the coming weeks and it shouldn't be too much longer before it's

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

This week's update comes to you amongst the noisy backdrop of the garden being literally chopped up by high pressure hose (which I think my beautiful Rhode Broadcaster mic successfully excluded). As I say in the intro, it appears the horticulture industry is a little like the software one where

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

For about the last decade, a huge proportion of my interactions with people has been remote and across different cultures and time zones. Initially this was in my previous life at Pfizer due to the regional nature of my role and over the last six years, it's been as an

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

Well, it kinda feels like we're back to the new normal that is 2021. I'm home, the kids are back at school and we're all still getting breached. We're breached so much that even when we're not breached but someone says we're breached, it genuinely looks like we're breached. Ok,

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I had this idea out of nowhere the other day that I should have a visual display somewhere in my office showing how many active Have I Been Pwned (HIBP) subscribers I presently have. Why? I'm not sure exactly, it just seemed like a good idea at the time. Perhaps

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I'm back into a normal home routine and it's business as usual again. You know, stuff like data breaches, new tech toys and having your genitalia locked in an vulnerable IoT device and held for ransom. Just normal stuff like that 😳

References

1. Turing Tumble is a really neat game for

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

A little bit of a change of pace this week with the video being solely on the events unfolding around removing content, people and even entire platforms from the internet. These are significant events in history, regardless of your political persuasion, and they're likely to have a very long-lasting impact

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

And we're finally home. After 8,441km of driving finished off by a comfy flight home whilst the car catches a ride on a carrier, we're done. I talk about why we didn't finish the drive in the latter part of this week's video (basically boiled down to border uncertainties

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

It's a new year! With lots of breaches to discuss already ☹ Ok, so these may not be 2021 breaches but I betcha that by next week's update there'll be brand new ones from the new year to discuss. I managed to get enough connectivity in the middle of the Australian

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

Well that's Christmas down for another year, and a rather different one it was for so many of us around the world. I'm pumping this post out very quickly (a couple of days after recording) whilst midway along a very long drive. I'll share more about that on my New

Presently sponsored by: MEGA - The world's largest provider of zero-knowledge E2EE cloud storage plus chat. Join 200m others who enjoy privacy - try MEGA for free.

I'm live again! Well, I was live having found enough connectivity in Port Douglas to go back to streaming. I'll still be here next week too and will plan on doing a Christmas morning stream from the same location. I talk a bunch about the trip and what I'm seeing

While the trackers in LastPass’ Android app don’t collect any personal data, the news may not sit well with some privacy-minded users

The post Popular password manager in the spotlight over web trackers appeared first on WeLiveSecurity

Privacy bug in Brave browser – Clubhouse audio streamed to external website – Protecting children from cyberbullying in COVID-19 era

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Neither clinical research into the coronavirus nor any patient data were affected by the incident

The post Oxford University COVID‑19 lab hacked appeared first on WeLiveSecurity

As screen time has increased, so has the risk of cyberbullying. What you can do to help protect your children from online harassment?

The post Safeguarding children against cyberbullying in the age of COVID‑19 appeared first on WeLiveSecurity

A snapshot of some of the ways ESET makes an impact supporting the well-being of people, communities and the environment

The post Championing worthy causes: How ESET gives a helping hand appeared first on WeLiveSecurity

Two new tools will warn users about the risks of searching for and sharing content that exploits children, including the potential legal consequences of doing so

The post Facebook ramps up fight against child abuse content appeared first on WeLiveSecurity

People who use devices running Android 9 or newer will be alerted if their login credentials have been stolen

The post Google’s Password Checkup tool rolling out to Android devices appeared first on WeLiveSecurity

The incident raises concerns about the privacy and security of conversations taking place on the platform

The post Clubhouse chats streamed to third‑party website appeared first on WeLiveSecurity

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users' DNS queries

The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity

Avoid COVID-19 vaccine fraud and hoaxes – Romance scams cause record-high losses – Exaramel in the spotlight after attacks in France

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals

The post TDoS attacks could cost lives, warns FBI appeared first on WeLiveSecurity

The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs

The post Malware authors already taking aim at Apple M1 Macs appeared first on WeLiveSecurity

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool

The post Attacks targeting IT firms stir concern, controversy appeared first on WeLiveSecurity

As dating apps experience a boom amid COVID-19, losses to romance scams soar too

The post Romance scams in 2020: Breaking hearts, wallets – and records appeared first on WeLiveSecurity

The vaccination push provides a vital shot in the arm for the world’s battle against the pandemic, but it's also a topic ripe for exploitation by fraudsters and purveyors of misinformation

The post Beware of COVID‑19 vaccine scams and misinformation appeared first on WeLiveSecurity

High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported in 2010

The post Record‑high number of vulnerabilities reported in 2020 appeared first on WeLiveSecurity

ESET's Q4 2020 threat report is out – How smart sex toys can ruin your privacy – Protecting water supply systems

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

While you’re living out your fantasies, your internet-enabled sex toy may be setting you up for a privacy nightmare

The post Fifty shades of vulnerable: How to play it safe with your smart sex toy appeared first on WeLiveSecurity

What can municipalities do to better protect their water supply systems?

The post Protecting the water supply – hacker edition appeared first on WeLiveSecurity

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical

The post Microsoft patches actively exploited Windows kernel flaw appeared first on WeLiveSecurity

While the incursion was thwarted in time, cyberattacks targeting critical infrastructure are a major cause for concern

The post Hacker attempts to poison Florida city’s water supply appeared first on WeLiveSecurity

A view of the Q4 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report Q4 2020 appeared first on WeLiveSecurity

ESET unearths a supply-chain attack against an Android emulator for PC and Mac – ESET research into malware targeting HPC clusters – How to prevent at least some zero-days

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google

The post Google: Better patching could have prevented 1 in 4 zero‑days last year appeared first on WeLiveSecurity

Sharing your thoughts or photos for the world to see is now as easy as pushing a button, but even a seemingly harmless post may come back to haunt you

The post Facebook etiquette: Behaviors you should avoid appeared first on WeLiveSecurity

The US Federal Trade Commission received 1.4 million reports of identity theft last year, double the number from 2019

The post Identity theft spikes amid pandemic appeared first on WeLiveSecurity

ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos

The post Kobalos – A complex Linux threat to high performance computing infrastructure appeared first on WeLiveSecurity

ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia

The post Operation NightScout: Supply‑chain attack targets online gaming in Asia appeared first on WeLiveSecurity

Law enforcement disrupts Emotet – Wormable Android malware spreading via WhatsApp – Three iOS zero-day bugs squashed

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

The law enforcement action is one of the most significant operations against cybercriminal enterprises ever

The post Emotet botnet disrupted in global operation appeared first on WeLiveSecurity

As schools and students continue to contend with the very real cyber-risks of virtual classrooms, we share some advice for protecting children’s data and privacy

The post Data Privacy Day: Top tips for safe remote learning appeared first on WeLiveSecurity

The company emits emergency updates to fix bugs affecting devices ranging from iPhones to Apple Watches

The post Apple patches three iOS zero‑days under attack appeared first on WeLiveSecurity

“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app

The post Wormable Android malware spreads via WhatsApp messages appeared first on WeLiveSecurity

ESET research analyzes the Vadokrist banking trojan – Beware smishing scams – WhatsApp postpones privacy policy changes

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Here’s how to spot scams where criminals use deceptive text messages to hook and reel in their marks

The post Why do we fall for SMS phishing scams so easily? appeared first on WeLiveSecurity

Another in our occasional series demystifying Latin American banking trojans

The post Vadokrist: A wolf in sheep’s clothing appeared first on WeLiveSecurity

Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices

The post DNSpooq bugs expose millions of devices to DNS cache poisoning appeared first on WeLiveSecurity

Criminals coax employees into handing over their access credentials and use the login data to burrow deep into corporate networks

The post FBI warns of voice phishing attacks stealing corporate credentials appeared first on WeLiveSecurity

Millions of people flock to Signal and Telegram as WhatsApp scrambles to assuage users' concerns

The post WhatsApp delays privacy policy update after confusion, backlash appeared first on WeLiveSecurity

ESET research dissects targeted malware attacks in Colombia – What parents hope to get out of parental controls – Privacy risks of new mesh Wi-Fi routers

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Nobody said parenting was easy, but in the digital age it comes with a whole slew of new challenges. How do parents view the role of parental monitoring in children's online safety?

The post What’s your attitude to parental controls? appeared first on WeLiveSecurity

Your ‘networked computer on wheels’ has a privacy problem – when it comes to your data, you may not really be in the driver’s seat

The post CES 2021: Car spying – your insurance company is watching you appeared first on WeLiveSecurity

The documents related to COVID-19 vaccine and medications were stolen from the EU's medicines agency last month

The post Hackers leak stolen COVID‑19 vaccine documents appeared first on WeLiveSecurity

New mesh Wi-Fi routers may be the answer to your wireless signal woes, but how about your privacy and security?

The post CES 2021: Router swarms invade your home (and know where you are) appeared first on WeLiveSecurity

ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries

The post Operation Spalax: Targeted malware attacks in Colombia appeared first on WeLiveSecurity

Fraudsters are quick to exploit current events for their own gain, but many schemes do the rounds regardless of what’s making the news. Here are 5 common scams you should look out for.

The post 5 common scams and how to avoid them appeared first on WeLiveSecurity

Watch out for a new PayPal smishing campaign – Employee login credentials up for sale – WhatsApp to share more data with Facebook

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Successful exploitation of some of these flaws could allow attackers to take control of vulnerable systems

The post Chrome, Firefox updates fix severe security bugs appeared first on WeLiveSecurity

Many users have until February 8 to accept the new rules – or else lose access to the app

The post WhatsApp updates privacy policy to enable sharing more data with Facebook appeared first on WeLiveSecurity

It’s hardly fun and games for top gaming companies and their customers as half a million employee credentials turn up for sale on the dark web

The post Stolen employee credentials put leading gaming firms at risk appeared first on WeLiveSecurity