Smart tech gifts: How to keep your kids and family safe

Cyberthreats can take the fun out of connected gadgets – here’s how to make sure your children enjoy the tech without putting themselves or their family at risk

This Holiday season, you may have treated your kids to a smart gadget. But have you also remembered to set up the shiny new device for them and make sure they use it safely? By taking a couple of easy and sensible steps now, you can save yourself a lot of headache further down the road. Here are some simple but important actions you should take and so help ensure your children get the most out of their gadgets and stay safe in the process.

Watch the video to learn:

why you need to understand the device’s features and how they can be used – and abused how software vulnerabilities come into play and how you can patch the security holes how to prevent unauthorized access to the device why the features your children don’t need should be turned off why you should read the privacy policy

Happy holidays!

To learn more about more dangers faced by children online as well as about how technology can help, head over to Safer Kids Online.

7 ways malware can get into your device

You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices?

Malware has been one of the most common threats that netizens face daily. However, although you have heard about the various types of malware you can encounter, chances are you don’t know how these malicious programs are able to infest your devices.

While knowing what types of threats exist is the first step towards protecting yourself and your devices, the next and arguably more important step is to know how threat actors try to sneak these malicious pieces of code into your computers, smartphones, and tablets. To help you combat these threats, we look at some of the most common methods and tactics used to tricking netizens into downloading malware and compromising their data and security.

Phishing and malspam emails

While usually the main objective of phishing emails is to wheedle sensitive information out of you such as your access credentials to various services, your card verification code (last three digits on the backside of your payment card), PIN code, or other personally identifiable information (PII) by masquerading as a trusted institution, they may contain attachments or links that will lead to your device getting infested with malware.

Therefore, it’s always prudent to not just skim over your emails but read them thoroughly. More often than not you’ll notice dead giveaways that you’re dealing with a scam. Telltale signs usually include spelling mistakes, evoking a sense of urgency, requesting personal information, or the email originating from a suspicious domain.

Fraudulent websites

To trick victims into downloading malicious apps, cybercriminals like to spoof websites of famous brands or organizations. The scammers create fraudulent webpages masquerading as the real deal, with the domain name resembling the domain of the organization being spoofed as closely as possible, with some subtle differences here and there, such as adding a letter or symbol or even a whole word. The websites will be malware-laced and will try to dupe the target into clicking on links that will download malware into their devices.

To avoid getting your device infested with malware by visiting one of these websites, always search for the official domain by typing it into a search engine or by typing it manually into the address bar. It bears repeating that a proper security solution will also protect you from most threats and will also block you from accessing known malicious websites.

USB flash drives

External storage devices are a popular form of storing and transferring files; however, they do carry a number of risks. For example, threat actors like to use the “lost” flash-drive social engineering strategy, to dupe unwitting good Samaritans into plugging a compromised thumb drive into their computers. Once an afflicted drive is plugged in and opened your device can get infested with a keylogger or ransomware.

Alternatively, if you aren’t careful about how you handle your flash drive, your computer may get infested by cross-contamination. To mitigate the chances of contaminating your PC you should use a reputable and up-to-date endpoint security solution that will scan an external media plugged into your device and warn you if it contains anything suspicious.

P2P sharing and torrents

While over the years peer-to-peer sharing and torrents have gained a reputation for being a place to illegally download software, games, and media, they have been used by developers as an easy way to disseminate their open-source software or musicians to spread their songs. However, they are also infamous for being abused by black hats who inject the shared files with malicious code. Most recently, ESET researchers uncovered cybercriminals misusing the BitTorrent protocol and Tor network to spread KryptoCibule, a multitasking multicurrency cryptostealer.

To minimize the risk of being compromised, you should use a reputable Virtual Private Network (VPN) to encrypt your traffic and keep it safe from prying eyes. You should also use an up-to-date security solution that can protect you from most threats including viruses or malware that may be a part of the files you’re trying to torrent.

Compromised software

Although it may not happen often, software being directly compromised by threat actors isn’t a rare occurrence. One prominent example of an application’s security being compromised was the case of CCleaner. In these attacks, the black hats inject the malware directly into the application, which is then used to spread the malware when unsuspecting users download the app.

Since CCleaner is a trusted application, it wouldn’t have occurred to a user to overly scrutinize it. However, you should be careful when downloading any type of software even the one you trust. You also can’t go wrong by using a reputable security solution and don’t forget to patch and update your apps regularly, security patches usually deal with any vulnerabilities or loopholes found in the affected apps.


Some websites are often riddled with various ads that pop up whenever you click on any section of the webpage or can even appear immediately whenever you access certain websites. While the aim of these ads is to generally generate revenue for these sites, sometimes they are laced with various types of malware and by clicking on these ads or adware, you may involuntarily download it onto your device. Some ads even use scare tactics telling users that their device has been compromised and only their solution can clean it up, however, that is almost never the case.

A sizeable amount of the adware can be avoided by using trusted ad-blocking extensions on your browser, which will, as the name suggests, block ads from appearing on the website you’re visiting. Another thing you can do is avoid suspicious websites that use such advertisements altogether.

Fake apps

The last item on this list deals with fake mobile applications. These apps usually masquerade as the real thing and try to dupe users into downloading them into their devices, thereby compromising them. They can take on the guise of anything, posing as fitness-tracking toolscryptocurrency apps, or even COVID-19 tracing apps. However,

Cybersecurity Advent calendar: Stay aware, stay safe!

When it comes to holiday gifts, surprise and wonder are always welcome. When it comes to protecting your security, however, you don’t want to leave anything to chance.

Jingle bells are ringing, kids are getting as excited as ever as they look at the Christmas tree with anticipation, and depending on where you live, a blanket of snow might cover the city streets. The Holidays are here, and while we are getting ready to celebrate (virtually) with our loved ones, it is also a season to reflect on our actions and make resolutions for the upcoming year. Here’s some inspiration for simple actions that will greatly bolster your security and privacy.

Educate yourself about cybersecurity and privacy protection

If you are a frequent reader of this blog, it is not your first rodeo when it comes to cybersecurity. As you certainly know, it is quintessential for you to protect your devices and personally identifiable information (PII) from ever-evolving threats. The first step to protect yourself is to educate yourself regarding privacy and security threats and protection. And who knows, while learning more about cybersecurity, maybe you will find your future career?

Learn how to spot phishing attempts and test yourself with free online quizzes and exercises
Training yourself, your team members and your family about cybersecurity is important. But you must be able to transfer this theoretical knowledge to practice. Once you know how to identify phishing attempts, it would be best to test yourself by doing quizzes using gamification to add fun and challenge and combine learning with pleasure. Would you catch the phish? Why not take the test!

Magical thinking might be comforting, but the truth is, even with the best security awareness training and procedures, there still is a risk that your organization will face a cybersecurity incident at some point whether as the primary target of the attack or as a customer whose personal information was stolen.

As the saying goes, better safe than sorry. Taking time to think logically and deliberately about your assets, before you face any security incident, can help you determine what steps your organization need to take to prevent and react to any incidents. Plan the steps to take if your organization faces an incident, and how you would inform your employees, clients, partners and the authorities, in this case. You should also periodically review everyone’s steps in case of an incident. After all, you probably test your evacuation plan in case of fire; the same can be done with your cybersecurity incident response plan!

Talk to your kids and your all loved ones about social media privacy and online safety

If you are a parent of young kids or teenagers, you may already be wondering how best to have a conversation with them regarding privacy, cybersecurity and their social media usage. It might be a tricky question indeed, but a major aspect of cybersecurity is making everyone in your family aware of the risks associated with networking and social media usage.

First of all, make sure you are aware of the platforms used by your child them and their friends. You need to know the basics of these, so that you can know their characteristics, limitations, safety features and risks. Familiarize yourself with the platforms your kids are using or want to use.

Plenty of resources are available to help you, including our section on social media. For example, this article is a good introduction and present some key elements your children should know about before they use social media.

Use security software

You probably have some security software installed on your devices. But do you know what kind of protection it offers? From antiphishing to antimalware and from antispam to firewall and device theft protection, there are many different ways how a comprehensive security suite can protect you. Use security software that is produced by a reputable company and includes multiple protective layers. Also, make sure the product is patched and up-to-date.

By the way, do you know if all your devices are protected and when your solution is due for renewal? Take a look!

Make sure your team has received a security training

Obviously cybercriminals often target businesses as well. From phishing campaigns to ransomware attacks and data theft and breaches, businesses of all sizes and from all industries have plenty of reason to take cybersecurity seriously.

In cybersecurity, an organization is never stronger than its weakest link. This is why providing cybersecurity awareness training too all team-members is essential. Many resources are available to help you, including many free training guides and tools (for example, ESET’s free cybersecurity awareness training).

Stay informed about threats and vulnerabilities with regular updates from reliable sources

Our most recent reports all confirm that cyberthreats are constantly evolving. From Europe to California and elsewhere, legislation protecting privacy and security too are ever changing. This is enough of a reason to follow security news. Stay informed about the latest vulnerabilities, patches, and steps to protect yourself and your loved ones.

There are several trustworthy sources for cybersecurity information, including from renowned experts such as those at ESET. Regularly visit those sites to stay informed. One easy resolution for you would be to subscribe to our weekly newsletter to get the most important cybersecurity news, directly in your mailbox!

This ends our Cybersecurity Advent calendar series – the previous three articles are available below. We wish you all the best for the Holiday and a great and safe 2021!

Cybersecurity Advent calendar: Let Santa in, keep hackers out!
Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal
Cybersecurity Advent calendar: Stay close to one another… Safely!

Week in security with Tony Anscombe

Supply‑chain attack against a certification authority in Southeast Asia. Holiday online… Safely! Scammers targeting PayPal users. Week in security with Tony Anscombe

ESET researchers have uncovered Operation SignSight, a supply-chain attack on the website of a government in Southeast Asia.
This year, many of us will be celebrating Christmas with our loved ones virtually; however, we should not underestimate the value of securing our online communication. Tips to stay close (virtually), safely. What are some common ploys targeting PayPal users? Here is what you should watch out for when using the popular payment service.
All this – and more – on

Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia

ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.

The post Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia appeared first on WeLiveSecurity

Cybersecurity Advent calendar: Stay close to one another… Safely!

This year, many of us will be celebrating Christmas with our loved ones virtually, however we shouldn’t underestimate the value of securing our online communication.

In the run-up to Christmas, many of us are probably already making plans on how to spend it with loved ones, such as planning various get-togethers with colleagues, friends and significant others before we each head out to our families’ homes. However, in most places traditional Christmas plans have had to be put on hold due to the pandemic raging outside and, in an effort to be responsible, all of us will have to find other ways to celebrate and socialize together.

Although we are fortunate enough to have technology that helps us connect in these trying times, online communication platforms, be it social media, video calls, or online dating applications, still carry risks if not used properly. So, here are some quick tips to stay close and safe online while connecting with other people.

Whether you are in a work meeting or sharing good times with your loved ones, secure your access to Zoom or videoconferencing platforms.

One of the main ways we can stay connected with our friends and family to celebrate Christmas during these trying times while keeping our distance is using the various online video communication platforms such as Zoom. Since the beginning of the pandemic, these platforms have enjoyed a surge in popularity and hence have also become a target of cybercriminals. To remain safe during your online calls be sure to audit your Zoom security settings when setting up your Zoom meeting, or you can refer to our tips for secure videoconferencing in general.

Think twice before sharing any personal info on social media. Or anything really. Think audience, content, impact.

While keeping up with your family and friends from a distance is easier in the digital age, it also carries a certain amount of risk; you have to be mindful of what you’re sharing and with whom. When is the last time you’ve audited your list of friends on Facebook, do you really know all of them? Maybe you want to upload a photo Christmas greeting with your kid, but have you considered all the information a photo can hold? The details in the photo or the metadata could reveal the location where it was taken. Those are all risks you may want to consider before you post.

Your friend created a new social media account? Double-check with them that this is not a doppelgänger.

Cloning social media accounts is a common tactic used by scammers to defraud people. The premise is that the cybercriminal will basically copy their target’s whole profile and start contacting the target’s friend list. The doppelgänger will claim that cybercriminals have compromised their social media account and even gained access to their bank accounts and cleaned them out and will ask for money. So if you see any claims that a friend has a whole new account that is a copy of their regular one, check in with them through another channel to see if it’s not a cloning attack.

Only download apps – whether to play, get in touch with others, or anything in between – from an official app store, and regularly update your apps.

If you’re planning to download any new apps to your device, be they messaging platforms or games to pass the time, the best thing you could do is to download them from your platform’s official app store. While alternative or unofficial stores may offer applications for less or sometimes for free you might be opening yourself to possible avenues of attack since apps on such stores aren’t curated nor do they pass rigorous approval processes. This could lead you to download malicious apps that could do a world of harm.

If you are dating online, beware of romance scams.

While online dating was popular before COVID-19 hit, the pandemic has made it one of the few options for meeting people while social distancing, but it does carry its own set of risks. If you meet someone on a dating platform there are a number of things you should keep an eye out for. If your potential new flame tries to move the conversation out of the confines of the app to another messaging platform, or they are quick to profess their love, or even start asking for money you should immediately start being suspicious lest they break your heart and your bank account . You should also look out for fake photos (which can be checked through reverse image search).

Online gaming scams are prevalent too. If the offer seems wrong or too good to be true, double-check.

Online gaming is a good way to pass the quarantine while remaining in touch with your friends. However, this favorite pastime is also a favored target for fraudsters who use various scams to trick avid gamers. For example, if you’d like to get an in-game item quickly but you don’t have the patience to grind for it, some games offer in-game purchases as a shortcut, but it may cost more than you’re willing to pay. So, scammers often try to trick gamers by offering “amazing deals”, which will leave you both without money and the item you wanted to purchase. Therefore, if you want to buy something stick with the game’s official store.

Look out for cyberbullying, whether it affects you as a victim or a bystander (and it goes without saying, but don’t be a bully).

Although most people associate cyberbullying with kids, adults can be victims too. If you are ever a victim or a witness of such an incident you should never remain silent and speak up. Luckily, online platforms are aware that cyberbullying is a perennial problem and have adopted tools that allow users to report any such behavior. So, the next time that you see anything like that happen, you can use the tools provided by social media and other platforms and report abusers so that they may get punished

Medical scans of millions of patients exposed online

Other leaked data included a range of personal information such as names, addresses and personal healthcare information.

Over 45 million medical imaging files including x-rays and CT scans have been found sitting on internet-facing unprotected servers and accessible for anyone to view. 

The discovery of the leaked data from hospitals and medical centers from around the world was the result of CybelAngel’s research team’s six-month-long investigation into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM). The investigation uncovered millions of unique images stored on more than 2,140 unprotected servers located across 67 countries including the United States, the United Kingdom and Germany, among others.   

However, to make matters worse some images included dozens of lines of metadata per record disclosing Personally Identifiable Information (PII) such as names, birth dates, addresses, and personal healthcare information indicating patient’s height, weight, and even diagnosis. 

The sum of all the data could allow threat actors with malicious intent to create a comprehensive portrait of their potential targets. This could lead to the affected patients becoming victims of identity theft, phishing, extortion, financial and other types of fraud. Alternatively, cybercriminals could also sell the data on dark web marketplaces 

“This is a concerning discovery and proves that more stringent security processes must be put in place to protect how sensitive medical data is shared and stored by healthcare professionals. A balance between security and accessibility is imperative to prevent leaks from becoming a major data breach,” said David Sygula a Senior Cybersecurity Analyst at Cybel Angel. 

Since some of the medical institutions are located in the European Union (EU), they are subject to the EU’s General Data Protection Regulation, which means that the failure to secure patients’ sensitive data could lead to penalties and legal actions. 

Misconfigured and unsecured internet-facing databases can hardly be considered an uncommon occurrence. The investigation may bring echoes of a similar incident we reported on earlier this year which involved sensitive plastic surgery photos being exposed online.

Week in security with Tony Anscombe

ESET researchers discovered that chat software called Able Desktop, part of a business management suite popular in Mongolia was used to deliver the HyperBro backdoor (commonly used by LuckyMouse), the Korplug RAT , and a RAT called Tmanger. A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading online trading platforms that may expose their users to a host of security and privacy

ESET researchers discovered that chat software called Able Desktop, part of a business management suite popular in Mongolia was used to deliver the HyperBro backdoor (commonly used by LuckyMouse), the Korplug RAT , and a RAT called Tmanger.
A Q&A with security researcher Alejandro Hernández, who has unearthed a long list of vulnerabilities in leading online trading platforms that may expose their users to a host of security and privacy risks.
The IRS announced that all U.S. taxpayers would be able to enroll in its Identity Protection PIN program starting mid-January. That program was previously only available to specific users.
All this – and more – on

Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal

While shopping for the perfect presents, be on the lookout for naughty cybercriminals trying to ruin your Christmas cheer by tricking you out of both gifts and money

The post Cybersecurity Advent calendar: Tips for buying gifts and not receiving coal appeared first on WeLiveSecurity

Operation StealthyTrident: corporate software under attack

LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack

The post Operation StealthyTrident: corporate software under attack appeared first on WeLiveSecurity