WeLiveSecurity

Move fast and save things: A quick guide to recovering a hacked account

When an online account is compromised, the first few minutes may determine how bad the incident ultimately gets.
WeLiveSecurity

EDR killers explained: Beyond the drivers

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.
WeLiveSecurity

Cyber fallout from the Iran war: What to have on your radar

The cybersecurity implications of the war in the Middle East extend far beyond the region. Here’s where to focus your defenses.
WeLiveSecurity

Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.
WeLiveSecurity

Award-winning news, views, and insight from the ESET security community

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026 The cybersecurity implications of the war in the ...
WeLiveSecurity

Tips & advice

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026 Start using a new app and you’ll often be asked to ...
WeLiveSecurity

Fake or Fake: Keeping up with OceanLotus decoys

Following OceanLotus’ activities is taking a tour in the world of deception. This group is known to lure victims by forging appealing documents to entice potential victims into executing the group’s ...
WeLiveSecurity

No “Game over” for the Winnti Group

In February 2020, we discovered a new, modular backdoor, which we named PipeMon. Persisting as a Print Processor, it was used by the Winnti Group against several video gaming companies that are based ...
WeLiveSecurity

DeceptiveDevelopment targets freelance developers

Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. After all, what better time to strike than when the potential ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new malware on the same system, none of ...
WeLiveSecurity

Danabot: Analyzing a fallen empire

As announced by the US Department of Justice – the FBI and US DoD’s Defense Criminal Investigative Service (DCIS) have managed to disrupt the infrastructure of the notorious infostealer, Danabot. ESET ...
WeLiveSecurity

UEFI threats moving to the ESP: Introducing ESPecter bootkit

ESET researchers have analyzed a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which we’ve named ESPecter, can bypass Windows Driver ...