Confidentiality, integrity and availability (the CIA triad) is a security model that guides information security policies within organizations. To avoid confusion with the Central Intelligence Agency, the model is also referred to as the AIC triad. There is a debate whether or not the… Read More "What is the CIA Triad?"
In July 2024, ESET Research noticed suspicious activity on the system of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate the compromise, we made an unexpected discovery in the… Read More "You will always remember this as the day you finally caught FamousSparrow"
When ChatGPT, a generative AI chatbot developed by OpenAI, was introduced in November 2022, the digital world changed forever. Endless questions and even more speculation surrounded the release, and most industries, including cybersecurity, were divided on the tool’s value. The… Read More "The Future of Cybersecurity: ChatGPT For Risk Management?"
ESET researchers take a look back at the significant changes in the ransomware ecosystem in 2024 and focus on the newly emerged and currently dominating ransomware-as-a-service (RaaS) gang, RansomHub. We share previously unpublished insights into RansomHub’s affiliate structure and uncover… Read More "Shifting the sands of RansomHub’s EDRKillShifter"
Supply chain attacks are on the rise, yet few businesses are equipped to face this threat. This could be due to a growing despondency towards cybersecurity in light of the SolarWinds attack. If the US Government network – one of… Read More "Assume Breach Mentality vs. Supply Chain Attacks in 2025"
Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time 27 Mar 2025 The FamousSparrow APT group has infiltrated a trade group in the financial sector in the United… Read More "FamousSparrow resurfaces to spy on targets in the US, Latin America"
.png?w=1140&resize=1140,855&ssl=1 "What is the InfoSec Registered Assessors Program (IRAP)?")
The Information Security Registered Assessors Program is a cybersecurity initiative created by the Australian Cyber Security Centre (ACSC), a subsidiary of the Australian Signals Directorate (ASD). IRAP assessments utilize cybersecurity standards set by the Australian Government Information Security Manual (ISM)… Read More "What is the InfoSec Registered Assessors Program (IRAP)?"
ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions 27 Mar 2025 ESET research has released a deep-dive analysis of changes in the ransomware ecosystem in 2024,… Read More "RansomHub affiliates linked to rival RaaS providers"
Cybercriminals choose their targets based on two conditions – maximum impact and maximum profit. Financial institutions perfectly meet these conditions because they store highly valuable data, and their digital transformation efforts are creating greater opportunities for cyber attackers to access… Read More "10 Biggest Data Breaches in Finance"
Security awareness training doesn’t have to be a snoozefest – games and stories can help instill ‘sticky’ habits that will kick in when a danger is near 28 Mar 2025 • , 5 min. read Let me preface this with… Read More "How to get the most out of cybersecurity training"
