WeLiveSecurity

WeLiveSecurity je redakční kanál společnosti ESET pro internetové bezpečnostní zprávy, zobrazení a přehledy pokrývající nejnovější průlomové informace spolu s videonávody a podcasty. Cílem je uspokojit všechny úrovně dovedností - od bojem zocelených kodérů až po lidi, kteří hledají rady, jak efektivně zabezpečit svá data.

OceanLotus: From external espionage to domestic targeting

A shift in operational pattern of the infamous Vietnam-aligned APT group

11. 6. 2026

Unpacking SMB cyber-readiness – and what makes or breaks it

A company that's expecting a cyberattack but hasn’t actively prepared for it risks making the hardest decisions at the worst possible moment

10. 6. 2026

Cybercriminals: the 'auditors' you never hired

Every organisation gets audited. The question is who does the auditing.

9. 6. 2026

Lessons for life: Why children’s data is a long-term identity risk

Your child’s first data breach may happen before they’ve even opened a bank account. Here’s how to keep their digital life safe.

3. 6. 2026

This month in security with Tony Anscombe – May 2026 edition

In this roundup, Tony looks at attacks against Polish water treatment facilities, how AI-directed attacks failed in Mexico, and what Google believes is the first AI-generated zero-day exploit

29. 5. 2026

ESET APT Activity Report Q4 2025–Q1 2026

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026

28. 5. 2026

What to consider before asking an AI chatbot for health advice

Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay safe.

27. 5. 2026

BTMOB: A stealthy RAT burrowing deep into Android devices

The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise

26. 5. 2026

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data

22. 5. 2026

Webworm: New burrowing techniques

ESET researchers describe new tools and techniques that the Webworm APT group recently added to its arsenal

20. 5. 2026

The quest for greater tech independence

A complete decoupling from US technology is neither realistic nor necessary, but the changing environment does require nations and companies to reassess their relationships and dependencies

19. 5. 2026

Why geopolitical turmoil is a gift for scammers, and how to stay safe

Conflict is a boon for opportunistic fraudsters. Look out for their ploys.

15. 5. 2026

FrostyNeighbor: Fresh mischief and digital shenanigans

ESET researchers uncovered new activities attributed to FrostyNeighbor, updating its compromise chain to support the group’s continual cyberespionage operations

14. 5. 2026

Eyes wide open: How to mitigate the security and privacy risks of smart glasses

Smart glasses allow anyone to track and record the world around them. That could put your data and the privacy of those nearby at risk.

11. 5. 2026

Fake call logs, real payments: How CallPhantom tricks Android users

ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down

7. 5. 2026

Fixing the password problem is as easy as 123456

How come it’s still possible to ‘secure’ an online account with a six-digit string?

7. 5. 2026

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via backdoor-laced Windows and Android games

5. 5. 2026

This month in security with Tony Anscombe – April 2026 edition

Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 - here's some of what made the headlines this month

30. 4. 2026

The calm before the ransom: What you see is not all there is

A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability

24. 4. 2026

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions

23. 4. 2026

New NGate variant hides in a trojanized NFC payment app

ESET researchers discover another iteration of NGate malware, this time possibly developed with the assistance of AI

21. 4. 2026

What the ransom note won’t say

An attack is what you see, but a business operation is what you’re up against

20. 4. 2026

That data breach alert might be a trap

Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.

17. 4. 2026

Supply chain dependencies: Have you checked your blind spot?

Your biggest risk may be a vendor you trust. How can SMBs map their third-party blind spots and build operational resilience?

16. 4. 2026

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

If you’ve been a victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse.

10. 4. 2026

As breakout time accelerates, prevention-first cybersecurity takes center stage

Threat actors are using AI to supercharge tried-and-tested TTPs. When attacks move this fast, cyber-defenders need to rethink their own strategy.

7. 4. 2026

Digital assets after death: Managing risks to your loved one’s digital estate

Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay.

1. 4. 2026

This month in security with Tony Anscombe – March 2026 edition

The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan

31. 3. 2026

RSAC 2026 wrap-up – Week in security with Tony Anscombe

This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with

27. 3. 2026

A cunning predator: How Silver Fox preys on Japanese firms this tax season

Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening them

27. 3. 2026

Virtual machines, virtually everywhere – and with real security gaps

Cloud VMs offer unmatched speed, scale and flexibility – all of which could eventually count for little if they’re left to fend for themselves

25. 3. 2026

Cloud workload security: Mind the gaps

As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning

24. 3. 2026

Move fast and save things: A quick guide to recovering a hacked account

What you do – and how fast – after an account is compromised often matters more than it may seem

20. 3. 2026

EDR killers explained: Beyond the drivers

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers

19. 3. 2026

Face value: What it takes to fool facial recognition

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026

13. 3. 2026

Cyber fallout from the Iran war: What to have on your radar

The cybersecurity implications of the war in the Middle East extend far beyond the region. Here’s where to focus your defenses.

12. 3. 2026

Sednit reloaded: Back in the trenches

The resurgence of one of Russia’s most notorious APT groups

10. 3. 2026

What cybersecurity actually does for your business

The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed

6. 3. 2026

How SMBs use threat research and MDR to build a defensive edge

We speak to Director of ESET Threat Research Jean-Ian Boutin about where solutions that blend advanced technology with human expertise provide the most practical value for businesses

5. 3. 2026

Protecting education: How MDR can tip the balance in favor of schools

The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative?

4. 3. 2026

This month in security with Tony Anscombe – February 2026 edition

In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools

28. 2. 2026

Mobile app permissions (still) matter more than you may think

Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks.

27. 2. 2026

Faking it on the phone: How to tell if a voice call is AI or not

Can you believe your ears? Increasingly, the answer is no. Here’s what’s at stake for your business, and how to beat the deepfakers.

23. 2. 2026

PromptSpy ushers in the era of Android threats using GenAI

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow

19. 2. 2026

Is Poshmark safe? How to buy and sell without getting scammed

Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can shop or sell without headaches.

19. 2. 2026

Is it OK to let your children post selfies online?

When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech.

17. 2. 2026

Naming and shaming: How ransomware groups tighten the screws on victims

When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle

12. 2. 2026

Taxing times: Top IRS scams to look out for in 2026

It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy.

10. 2. 2026

OfferUp scammers are out in force: Here’s what you should know

The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams.

4. 2. 2026

A slippery slope: Beware of Winter Olympics scams and other cyberthreats

It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these best practices.

2. 2. 2026

This month in security with Tony Anscombe – January 2026 edition

The trends from January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the year

30. 1. 2026

DynoWiper update: Technical analysis and attribution

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector

30. 1. 2026

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation

28. 1. 2026

Drowning in spam or scam emails? Here’s probably why

Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem the tide.

27. 1. 2026

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

23. 1. 2026

Children and chatbots: What parents should know

As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development

23. 1. 2026

Common Apple Pay scams, and how to stay safe

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead

22. 1. 2026

Old habits die hard: 2025’s most common passwords were as predictable as ever

Once again, data shows an uncomfortable truth: the habit of choosing eminently hackable passwords is alive and well

20. 1. 2026

Why LinkedIn is a hunting ground for threat actors – and how to protect yourself

The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are.

16. 1. 2026

Is it time for internet services to adopt identity verification?

Should verified identities become the standard online? Australia’s social media ban for under-16s shows why the question matters.

14. 1. 2026

Your personal information is on the dark web. What happens next?

If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.

13. 1. 2026

Credential stuffing: What it is and how to protect yourself

Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts

8. 1. 2026

This month in security with Tony Anscombe – December 2025 edition

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year

29. 12. 2025

A brush with online fraud: What are brushing scams and how do I stay safe?

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.

23. 12. 2025

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation

22. 12. 2025

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions

18. 12. 2025

ESET Threat Report H2 2025

A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

16. 12. 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found

12. 12. 2025

Black Hat Europe 2025: Reputation matters – even in the ransomware economy

Being seen as reliable is good for ‘business’ and ransomware groups care about 'brand reputation' just as much as their victims

11. 12. 2025

Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity

If you don’t look inside your environment, you can’t know its true state – and attackers count on that

11. 12. 2025

Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece

Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience.

10. 12. 2025

The big catch: How whaling attacks target top executives

Is your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.

9. 12. 2025

Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture

Identity is effectively the new network boundary. It must be protected at all costs.

4. 12. 2025

MuddyWater: Snakes by the riverbank

MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook

2. 12. 2025

Oversharing is not caring: What’s at stake if your employees post too much online

From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.

1. 12. 2025

This month in security with Tony Anscombe – November 2025 edition

Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news

28. 11. 2025

What parents should know to protect their children from doxxing

Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.

27. 11. 2025

Influencers in the crosshairs: How cybercriminals are targeting content creators

Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.

25. 11. 2025

MDR is the answer – now, what’s the question?

Why your business needs the best-of-breed combination of technology and human expertise

24. 11. 2025

The OSINT advantage: Find your weak spots before attackers do

Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots

20. 11. 2025

PlushDaemon compromises network devices for adversary-in-the-middle attacks

ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks

19. 11. 2025

What if your romantic AI chatbot can’t keep a secret?

Does your chatbot know too much? Here's why you should think twice before you tell your AI companion everything.

17. 11. 2025

How password managers can be hacked – and how to stay safe

Look no further to learn how cybercriminals could try to crack your vault and how you can keep your logins safe

13. 11. 2025

Why shadow AI could be your biggest security blind spot

From unintentional data leakage to buggy code, here’s why you should care about unsanctioned AI use in your company

11. 11. 2025

In memoriam: David Harley

Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security

7. 11. 2025

The who, where, and how of APT attacks in Q2 2025–Q3 2025

ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity Report

7. 11. 2025

ESET APT Activity Report Q2 2025–Q3 2025

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2025 and Q3 2025

6. 11. 2025

Sharing is scaring: The WhatsApp scam you didn’t see coming

How a fast-growing scam is tricking WhatsApp users into revealing their most sensitive financial and other data

5. 11. 2025

How social engineering works | Unlocked 403 cybersecurity podcast (S2E6)

Think you could never fall for an online scam? Think again. Here's how scammers could exploit psychology to deceive you – and what you can do to stay one step ahead

4. 11. 2025

Ground zero: 5 things to do after discovering a cyberattack

When every minute counts, preparation and precision can mean the difference between disruption and disaster

3. 11. 2025

This month in security with Tony Anscombe – October 2025 edition

From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now

31. 10. 2025

Fraud prevention: How to help older family members avoid scams

Families that combine open communication with effective behavioral and technical safeguards can cut the risk dramatically

30. 10. 2025

Cybersecurity Awareness Month 2025: When seeing isn't believing

Deepfakes are blurring the line between real and fake and fraudsters are cashing in, using synthetic media for all manner of scams

29. 10. 2025

Recruitment red flags: Can you spot a spy posing as a job seeker?

Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms

28. 10. 2025

How MDR can give MSPs the edge in a competitive market

With cybersecurity talent in short supply and threats evolving fast, managed detection and response is emerging as a strategic necessity for MSPs

27. 10. 2025

Cybersecurity Awareness Month 2025: Cyber-risk thrives in the shadows

Shadow IT leaves organizations exposed to cyberattacks and raises the risk of data loss and compliance failures

24. 10. 2025

Gotta fly: Lazarus targets the UAV sector

ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group

23. 10. 2025

SnakeStealer: How it preys on personal data – and how you can protect yourself

Here’s what to know about the malware with an insatiable appetite for valuable data, so much so that it tops this year's infostealer detection charts

22. 10. 2025

Cybersecurity Awareness Month 2025: Building resilience against ransomware

Ransomware rages on and no organization is too small to be targeted by cyber-extortionists. How can your business protect itself against the threat?

20. 10. 2025

Minecraft mods: Should you 'hack' your game?

Some Minecraft mods don’t help build worlds – they break them. Here’s how malware can masquerade as a Minecraft mod.

16. 10. 2025

Sledujte nás na Facebooku