Why geopolitical turmoil is a gift for scammers, and how to stay safe Digital Security Conflict is a boon for opportunistic fraudsters. Phil Muncaster 15 May 2026 5 min. read It didn’t take long for tensions in the Middle East to spill over into the cyber domain .

This month in security with Tony Anscombe – April 2026 edition Video Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 - here's some of what made the headlines this month Editor 30 Apr 2026 With April coming to a close, it's time for ESET Chief Security Evangelist Tony Anscombe to look back at some of the top cybersecurity stories that made the news this month. Tony also offers insights that the they may hold for your own cyber-defenses. Here's some of what caught Tony's attention this month: Microsoft has issued a warning about helpdesk impersonation scams where bad actors increasingly misuse external Microsoft Teams collaboration to trick users into granting them remote access.

This month in security with Tony Anscombe – March 2026 edition Video The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan Editor 31 Mar 2026 As March 2026 draws to a close, ESET Chief Security Evangelist Tony Anscombe looks at some of the top cybersecurity stories that made the news this month and offers insights that they may hold for your cyber-defenses. Here's Tony's rundown of some of what stood out most over the four or so weeks: The medtech giant Stryker fell victim to a cyberattack that was claimed by the Iran-linked Handala hacktivist group and reportedly wiped “over 200,000 systems, servers, and mobile devices” and stole 50 terabytes of data, Research by the Google Threat Intelligence Group has found that suspected data theft was present in no fewer than 77% of ransomware attacks in 2025 (up from 57% the year prior) and that attackers are increasingly relying on built-in Windows utilities, Starting in May, Instagram will stop encrypting private messages between users, A Europol-led operation has taken down the Tycoon 2FA phishing platform that up to the middle of 2025 accounted for 62% of all phishing attempts blocked by Microsoft, What are some of the lessons businesses should take away from these news stories? Watch the video to learn more and be sure to check out the February 2026 edition of Tony's monthly security news roundup, as well as his highlights from the RSAC 2026 conference that wrapped up just a few days ago.

RSAC 2026 wrap-up – Week in security with Tony Anscombe Video This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with Editor 27 Mar 2026 That's a wrap on the RSAC™ 2026 Conference . For its 35th edition, the conference drew the usual mix of security practitioners, researchers and vendors. Predictably, AI agents dominated much of the conversation – as a defensive capability, but more pressingly as a risk that many organizations have yet to fully think through.

Face value: What it takes to fool facial recognition Privacy ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026 Tomáš Foltýn 13 Mar 2026 2 min. read Facial recognition is increasingly embedded in everything from airport boarding gates to bank onboarding flows. The widely-held assumption is that a face is hard to fake and that matching a live face to a trusted source is a reliable identity signal.

This month in security with Tony Anscombe – February 2026 edition Video In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools Editor 28 Feb 2026 With the second month of 2026 (almost) behind us, it's time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that moved the needle and offered vital lessons over the past four weeks. Here's Tony's rundown of some of what stood out in February 2026: Threat actors misused commercial generative AI tools to compromise more than 600 FortiGate devices located in 55 countries. Rather than specific vulnerabilities, the attacks exploited exposed management ports and weak credentials without two-factor authentication, according to Amazon Threat Intelligence .

Mobile app permissions (still) matter more than you may think Mobile Security Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks. Phil Muncaster 27 Feb 2026 5 min.

Faking it on the phone: How to tell if a voice call is AI or not Scams Can you believe your ears? Increasingly, the answer is no. Here’s what’s at stake for your business, and how to beat the deepfakers.

How to buy and sell without getting scammed Scams Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can shop or sell without headaches. Phil Muncaster 19 Feb 2026 5 min.

Is it OK to let your children post selfies online? Kids Online When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech.

Taxing times: Top IRS scams to look out for in 2026 Scams It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy. Phil Muncaster 10 Feb 2026 5 min.

OfferUp scammers are out in force: Here’s what you should know Scams The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams. Phil Muncaster 04 Feb 2026 6 min.

Children and chatbots: What parents should know Kids Online As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development Phil Muncaster 23 Jan 2026 4 min. read AI chatbots have become a big part of all of our lives since they burst onto the scene more than three years ago. ChatGPT, for example, says it has around 700 million weekly active users, many of whom are “young people.” A UK study from July 2025 found that nearly two-thirds (64%) of children use such tools.

Common Apple Pay scams, and how to stay safe Scams Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead Phil Muncaster 22 Jan 2026 6 min. read Apple Pay is clearly a hit with consumers. According to estimates , it had hundreds of millions of global users and processed trillions of payments in 2025 alone.

This month in security with Tony Anscombe – December 2025 edition Video As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year Editor 29 Dec 2025 As we close out 2025, it's time for ESET Chief Security Evangelist Tony Anscombe to review some of the main cybersecurity stories from both the final month of the year and 2025 as a whole. Among the stories that caught Tony's eye are: U.S.-based organizations paid more than $2.1 billion in ransom payments to ransomware gangs from 2022 to 2024, according to the US Financial Crimes Enforcement Network (FinCEN). While staggering, this figure is still just the tip of the iceberg.

Black Hat Europe 2025: Was that device designed to be on the internet at all? Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 3 min. read “ A City of a Thousand Zero Days ” is the partial title of a talk at Black Hat Europe 2025.

Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece Business Security Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience. Márk Szabó James Shepperd Ben Tudor 10 Dec 2025 7 min. read Skip to the next paragraph if your eyes glaze over at the long, long titles of industry reports: the AV-Comparatives Endpoint Prevention and Response Comparative Report 2025, MITRE ATT&CK Evaluations Enterprise 2025, or the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms.

This month in security with Tony Anscombe – November 2025 edition Video Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news Editor 28 Nov 2025 November 2025 is almost behind us, and it's time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that raised the alarms, moved the needle or offered vital lessons over the past 30 or so days. Here's some of what caught Tony's eye this month: many of the world's largest Ai companies inadvertently leak their secrets such as API keys, tokens, and sensitive credentials in their GitHub repositories, according to cloud security giant Wiz , the Akira ransomware group has netted $244 million from its malicious activities, according to a joint advisory from government agencies in the US, France, Germany, and the Netherlands, why X's new location feature is a cause for concern , Australia's ban on social media for children under 16 will be enforced, a coordinated law enforcement operation led by Europol and Eurojust disrupted several prolific malware families, including the Rhadamanthys infostealer, Don't forget to check out the October 2025 edition of Tony's monthly security news roundup for more news and insights.. Connect with us on  Facebook , X ,  LinkedIn  and  Instagram .

What parents should know to protect their children from doxxing Kids Online Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake. Phil Muncaster 27 Nov 2025 5 min.

What if your romantic AI chatbot can’t keep a secret? Privacy Does your chatbot know too much? Here's why you should think twice before you tell your AI companion everything.

In memoriam: David Harley Digital Security Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security Editor 07 Nov 2025 7 min. read The cybersecurity community lost one of its luminaries with the passing of David Harley last week, at the age of 76. Despite being a self-described late entrant to IT, David went on to forge a long and distinguished career in cybersecurity that stretched from the early days of computer viruses until the age of modern ransomware and included a tenure as ESET Senior Research Fellow until his retirement in 2018.

The who, where, and how of APT attacks in Q2 2025–Q3 2025 Video ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity Report Editor 07 Nov 2025 Yesterday, the ESET research team released the latest issue of its APT Activity Report  that summarizes and contextualizes the cyber-operations of some of the world's most notorious state-aligned hacking groups from April to September 2025. The report documents how the groups targeted entities across sectors and geographies in an attempt to burrow deep into both government and corporate systems and siphon off intelligence, disrupt infrastructure or generate revenue. One notable finding is that the notorious Russia-aligned group Sandworm deployed several data wipers against Ukraine's grain sector in what can be seen as an attempt to harm (not just) the Ukrainian economy.

Sharing is scaring: The WhatsApp screen-sharing scam you didn’t see coming Scams Sharing is scaring: The WhatsApp scam you didn’t see coming How a fast-growing scam is tricking WhatsApp users into revealing their most sensitive financial and other data Christian Ali Bravo 05 Nov 2025 4 min. read Scams and other threats that are doing the rounds on messaging apps like WhatsApp are a stark reminder of how easily even trusted platforms can be weaponized against us. One deceptive tactic that has gained traction recently involves tricking people into sharing their phone screens during a WhatsApp video call.

How social engineering really works | Unlocked 403 cybersecurity podcast (S2E6) Video How social engineering works | Unlocked 403 cybersecurity podcast (S2E6) Think you could never fall for an online scam? Here's how scammers could exploit psychology to deceive you – and what you can do to stay one step ahead Editor 04 Nov 2025 Why do people fall for scams even when they should know better? It’s a question that says more about human nature than about technology.

This month in security with Tony Anscombe – October 2025 edition Video From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now Editor 31 Oct 2025 As October 2025 draws to a close, ESET Chief Security Evangelist Tony Anscombe reviews some of the top cybersecurity stories that made the news over the course of the month and offers insights that they may hold for your own cyber-defenses. Windows 10 reached the end of support on October 14 th of this year. As Windows 10 PCs no longer receive security updates automatically, what are your options if you or your business still uses Windows 10?

Cybersecurity Awareness Month 2025: When seeing isn't believing Video Deepfakes are blurring the line between real and fake and fraudsters are cashing in, using synthetic media for all manner of scams Editor 29 Oct 2025 Can you tell what’s real online? It's become increasingly difficult as advances in AI and deepfake technology can help anyone create eerily convincing videos, images, and audio. Scammers waste no time cashing in, using AI-powered media for all manner of scams.

Recruitment red flags: Can you spot a spy posing as a job seeker? Business Security Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms Phil Muncaster 28 Oct 2025 5 min. read Back in July 2024, cybersecurity vendor KnowBe4 began to observe suspicious activity linked to a new hire.

Cybersecurity Awareness Month 2025: Cyber risk thrives in the shadows Video Cybersecurity Awareness Month 2025: Cyber-risk thrives in the shadows Shadow IT leaves organizations exposed to cyberattacks and raises the risk of data loss and compliance failures Editor 24 Oct 2025 In the remote and hybrid work era, employee use of unsanctioned hardware and software (known as shadow IT ) has become an acute problem that results in security gaps along with potential data loss and compliance issues. The stakes grow further as employees increasingly use generative AI tools for productivity and convenience while their employers lose control over how sensitive corporate data is stored or shared. Watch the video with ESET Chief Security Evangelist  Tony Anscombe to learn how IT teams can get a grip on the problem.

Cybersecurity Awareness Month 2025: Building resilience against ransomware Video Ransomware rages on and no organization is too small to be targeted by cyber-extortionists. How can your business protect itself against the threat? Editor 20 Oct 2025 According to Verizon's 2025 Data Breach Investigations Report (DBIR), no less than 44 percent of breaches last year involved ransomware, highlighting the enduring threat that this form of cyber-extortion poses for organizations of all sizes.

How Uber seems to know where you are – even with restricted location permissions Privacy Is the ride-hailing app secretly tracking you? Not really, but this iOS feature may make it feel that way. Tony Anscombe 09 Oct 2025 3 min.

Cybersecurity Awareness Month 2025: Passwords alone are not enough Video Never rely on just a password, however strong it may be. Multi-factor authentication is essential for anyone who wants to protect their online accounts from intruders. Editor 08 Oct 2025 October is Cybersecurity Awareness Month, a good time to pause and reflect on how you protect your digital world and your online accounts in particular.

The case for cybersecurity: Why successful businesses are built on protection Business Security Company leaders need to recognize the gravity of cyber risk, turn awareness into action, and put security front and center Phil Muncaster 07 Oct 2025 5 min. read These are nervy times for many business leaders. Persistently high interest rates, geopolitical tensions, supply chain disruption and abrupt changes to trade policies have created a new climate of uncertainty.

Cybersecurity Awareness Month 2025: Knowledge is power Video We're kicking off the month with a focus on the human element: the first line of defense, but also the path of least resistance for many cybercriminals Editor 01 Oct 2025 October is Cybersecurity Awareness Month and what better way to open it than with a reminder that the human element is the first and crucial line of defense against all manner of cyberthreats. Cybercriminals are adept at targeting not just technical flaws, but also take advantage of our susceptibility to various social engineering tricks . Unsurprisingly, then, human error remains a key factor facilitating security incidents.

This month in security with Tony Anscombe – September 2025 edition Video The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans Editor 29 Sep 2025 As September 2025 comes to a close, ESET Chief Security Evangelist Tony Anscombe reviews a selection of the top cybersecurity stories that have made the headlines over the past 30 days and offers insights that they hold for your own cyber-defenses. So what were some of the key cybersecurity stories of September 2025? some of Europe's biggest airports experienced disruptions after a ransomware attack knocked out automated passenger processing systems provided by Collins Aerospace, Jaguar Land Rover (JLR), the UK's largest car manufacturer, has announced that its global operations will remain closed until at least October 1 st following a cyberattack on its IT systems in August, hundreds of npm (Node Package Manager) packages have been compromised in a supply-chain attack; the incident affecting what is the world's largest JavaScript component registry has also prompted an alert from the US Cybersecurity and Infrastructure Agency (CISA), threat actors are impersonating known brands, including LastPass , in a widespread campaign aimed at compromising macOS users with information-stealing malware , Don't forget to check out the August 2025 edition of Tony's monthly security news roundup for more insights.