Podcasts about ESET

Eén op de drie kinderen praat online met vreemden. Op straat zou je in paniek raken, online haalt iedereen z’n schouders op. Astrid Oosenbrug zit aan tafel, en ze draagt een complete garderobe aan petten: medeoprichter van DIVD, CEO van DIVD Academy, interim-directeur bij HackShield en Public Affairs & CSR Officer bij ESET. We beginnen bij HackShield, de gratis game die kinderen van 8 tot 12 tot Cyber Hero opleidt, en belanden al snel bij Roblox. Randal bekent dat hij zichzelf binnen een half uur betrapte terwijl hij stiekem naar zolder liep om zijn eigen poppetje op de loopband te laten farmen. Hoe houd je jong hackerstalent op het goede pad? Bij de DIVD Academy gaat dat over ethiek: je kunt aantonen dat je in een systeem zit, maar je past geen cijfers aan. Astrid legt uit waarom Victor met maga2020! wel mocht inloggen maar verder niets aanraakte, hoe moneymuling werkt, en waarom het datalek bij Clinical Diagnostics voor sommige vrouwen letterlijk levensbedreigend is. Plus: meidenhuizen, dark patterns en het eindeloze kat-en-muis-spel om schermtijd. Over Astrid Oosenbrug Astrid Oosenbrug is medeoprichter van DIVD (Dutch Institute for Vulnerability Disclosure, bekend van onder meer de Kaseya-zaak in 2021) en medeoprichter en CEO van DIVD Academy. Ze is interim-directeur bij HackShield en doet Public Affairs & CSR bij antivirusbedrijf ESET. Van 2012 tot 2017 was ze Tweede Kamerlid voor de PvdA en gold ze als het meest digitale Kamerlid; tot juni 2025 was ze bijna zeven jaar voorzitter van COC Nederland. Ze keert in deze aflevering terug om twee lijnen te verbinden: kinderen veilig en ethisch leren omgaan met internet, en de strijd voor een veiliger en eerlijker net. LinkedIn: https://www.linkedin.com/in/astridoosenbrug/ Website: https://www.divd.nl/who-we-are/team/people/astrid-oosenbrug/ Sponsor: Red de AI Wet Kim van Sparrentak neemt het op tegen de techbro’s om duidelijke regels te maken voor kunstmatige intelligentie. Red de AI Wet besluiter je hier.In deze aflevering 0:00:00 Het meest digitale Kamerlid en een waslijst aan petten0:02:18 HackShield uitgelegd: gamen om Cyber Hero te worden (8-12 jaar)0:05:48 Roblox als verslavingsmachine, en Randal die zichzelf betrapt0:09:06 Dark patterns: waarom zelfs het klikgeluid is uitgedacht0:11:14 Meidenhuizen: gezellig, met een zieke wereld eronder0:13:39 Eén op de drie kinderen praat online met vreemden0:17:26 Kat-en-muis met schermtijd: de Word-truc en de Unix-computer0:25:32 Interim-directeur bij HackShield: governance en de stekker eruit0:28:46 Een onbetrouwbare overheid en de preventieparadox0:32:13 Gedrogeerd en gefilmd: 80.000 Nederlandse IP-adressen0:35:21 Waar meld je het als je per ongeluk klikt?0:46:31 DIVD Academy: van digitaal belletje trekken tot ethisch hacken0:58:39 Rebootcamp met de politie en ronselen via Discord0:59:55 Werkt een social-mediaverbod voor jongeren?1:06:33 Trumps wachtwoord en de grens van responsible disclosure1:08:09 Vraag Arnoud Wokker: moet programmeren en AI een schoolvak worden?1:13:28 Moneymuling: hoe kinderen ongemerkt witwassers worden1:21:02 Clinical Diagnostics: als een datalek levensbedreigend wordt Genoemd in deze aflevering HackShield Future Cyber Heroes, gratis game cyberweerbaarheid voor 8-12 jaar DIVD, vrijwilligers die kwetsbaarheden opsporen en melden DIVD Academy: The Ethical Hacker, gratis online hackcursus Offlimits, meldpunt online misbruik (voorheen Helpwanted) ATKM, autoriteit om kinderporno en terreurmateriaal te melden Stichting Cyberbrein, Henk van Ee begeleidt jonge cyberbreinen Effectevaluatie HackShield (Saxion), onafhankelijk onderzoek naar het lespakket Datalek Clinical Diagnostics, achtergrond bij het bevolkingsonderzoek-lek Tips van de tafel Astrid Oosenbrug: zet bij games als Roblox de chatfunctie uit; kies waar mogelijk voor “alleen mensen die je kent”. Astrid Oosenbrug: per ongeluk op iets verkeerds geklikt? Meld het laagdrempelig bij Offlimits of de ATKM in plaats van het weg te klikken. Randal Peelen: maak schermtijdafspraken samen mét je kind en leg uit waaróm, in plaats van alleen te verbieden, want een verbod lossen ze creatief op. Jurian Ubachs: spreek elkaar aan op gedrag dat niet oké is, ook bij een grap; wacht niet tot het slachtoffer dat zelf moet doen.See omnystudio.com/listener for privacy information.

Can businesses still rely on cybersecurity strategies that were designed for a very different threat environment? In this episode of Tech Talks Daily, I speak with Matt Knell from ESET about why many managed service providers and businesses are being forced to rethink what effective cybersecurity looks like in 2026. As cybercriminals become faster, more sophisticated, and increasingly powered by AI, many of the approaches that once provided reassurance are struggling to keep pace. Matt shares why the idea of "good enough" security is becoming increasingly difficult to defend. While endpoint protection remains an important part of any security strategy, he explains why technology alone is no longer enough. Organizations must continually review, update, and strengthen their defenses rather than assuming that yesterday's protections will be sufficient tomorrow. Our conversation explores the lasting impact of ransomware and the lessons businesses continue to learn from high-profile incidents. From major retailers to global manufacturers, attacks are creating operational disruption, financial losses, and reputational damage on a scale that few organizations would have imagined a decade ago. We also discuss one of the industry's most persistent challenges: the cybersecurity skills gap. Finding experienced security professionals remains difficult, while retaining talent has become equally challenging. Matt explains how managed detection and response services are helping MSPs extend their capabilities without having to build and maintain large security operations teams. AI naturally plays a major role in the discussion. While cybersecurity vendors use AI to improve threat detection and response, attackers are also leveraging the technology to accelerate and sophisticate phishing campaigns, social engineering, and other forms of cybercrime. Matt explains why businesses must remain realistic about both opportunities and risks. Another theme throughout the episode is the growing expectation that cybersecurity should be treated as a business issue rather than purely an IT concern. Regulations, cyber insurance requirements, supply chain scrutiny, and customer expectations are all increasing pressure on organizations to demonstrate stronger security practices and greater resilience. We also discuss ESET PRIVATE and why more organizations are seeking security services tailored to their specific operational needs. Rather than relying on a standard package, many businesses are looking for solutions that align with their industry requirements, compliance obligations, risk profile, and long-term objectives. Finally, Matt reflects on the conversations emerging from ESET's recent partner conference and shares his perspective on the topics shaping cybersecurity priorities for the coming year. AI, resilience, compliance, and business education continue to dominate discussions as organizations look for practical ways to strengthen their defenses. If you're an MSP, IT leader, business owner, or anyone responsible for protecting digital operations, this episode offers a timely look at the challenges facing organizations today and the steps many are taking to prepare for what comes next. Is your organization still relying on security strategies designed for yesterday's threats, or have you adapted to today's cyber risks?

The June holidays have begun and many parents are likely going through a familiar challenge — managing their children's screen time. But for Gen Alpha, the digital world isn't just a place to pass the time. It's where they learn, play, socialise and increasingly, shape their understanding of the world. Today's children are navigating an online landscape that is vastly different from anything previous generations experienced. However, the use of technology also comes with plenty of risks. On The Agenda, Hongbin Jeong speaks to Pamela Ong, Country Manager, Singapore and Asia at ESET to learn how parents can protect their children from the online dangers, And whether is it still only about limiting our children’s screen time in today’s setting.See omnystudio.com/listener for privacy information.

Originally recorded: Friday May 22, 2026In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.GitHub has confirmed that roughly 3,800 internal repositories were accessed in a supply chain compromise tied to the hacking group TeamPCP.China-aligned threat actor Webworm has shifted its targeting focus from Asia to Europe, according to new research published by ESET.Researchers uncovered a previously undocumented Microsoft 365 account takeover panel that integrates directly with Evilginx Pro infrastructure to streamline token theft and post-compromise operations.European and North American law enforcement agencies announced the dismantling of “First VPN,” a VPN service allegedly built to support cybercriminal activity including ransomware operations, data theft, scanning, and denial-of-service attacks.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Ronald, Marco en Jelle zijn terug met een aflevering over criminelen, Cloudflare, consultants en piepers. Dave Maasland verkoopt ESET Nederland aan het Slowaakse moederbedrijf ESET, Ronald duikt in het Follow the Money-interview met TIB-voorzitter Annemieke Zwanenveld over de nieuwe Wiv, toetsing, CTIVD/TIB-samenvoeging, witte jassen en Palantir. Daarna Jelle's human-interest ransomwareverhaal: The Gentlemen RaaS werd zelf gehackt via de hostinglaag achter hun Rocket.Chat, waardoor Check Point kon meekijken in interne chats, payouts, AI-assisted coding en het kantoortje achter ransomware. Marco sluit af met Google Threat Intelligence over Chinese phishing-as-a-service: betere lokalisatie, RCS/iMessage en AI als contextversneller. Daarna het hoofdverhaal: Cloudflare heeft via Anthropic's Project Glasswing Mythos op meer dan 50 repositories losgelaten. Marco legt uit waarom dat niet neerkomt op "druk op knop, vind zero-days", maar op exploit-chain construction, proof generation, signal-to-noise en vooral: een hele vulnerability-research-harness met recon, hunt, validate, gapfill, dedupe, trace en report. Geen magische silver bullet, wel een duidelijke versnelling voor wie de workflow eromheen bouwt. Jelle pakt vervolgens McKinsey Lilli en BCG X erbij. CodeWall liet zien hoe interne AI-platforms zelf attack surface worden: publieke API-documentatie, endpoints zonder authenticatie, SQL-injectie, IDOR, miljoenen chats en files, system prompts, workspaces, modelconfiguraties en complete datawarehouses. Het echte verhaal: organisaties stoppen hun kennislaag, documenten, prompts en besluitvorming steeds meer in platforms. Wie daarin zit, zit bijna in het geheugen van de organisatie. Ronald en Marco sluiten af met het Mossad-pieperverhaal. Naar aanleiding van een nieuw Hebreeuws boek en een interview in The Jerusalem Post lopen ze door hoe de Hezbollah-pagers en walkie-talkies als supply-chain-operatie zouden zijn opgebouwd: techniek, infiltratie, Gold Apollo, BAC Consulting, Iraanse argwaan en de spanning tussen "ongelooflijk knap" en "hier zijn mensen door gestorven". *Bronnen* - Tweakers, "Slowaakse ESET koopt Nederlandse ESET": https://tweakers.net/nieuws/248036/slowaakse-eset-koopt-nederlandse-eset.html - ESET press release: https://www.eset.com/us/about/newsroom/company/eset-market-expansion-europe-asia/ - Follow the Money, "Geheime diensten gebruiken onafhankelijke experts om publiek debat te sturen": https://www.ftm.nl/artikelen/geheime-diensten-zetten-onafhankelijke-experts-in - Check Point Research, "When the Ransomware Gang Gets Hacked": https://blog.checkpoint.com/research/when-the-ransomware-gang-gets-hacked-what-the-gentlemen-leak-reveals-about-modern-ransomware-risk/ - Cloudflare Blog, Grant Bourzikas, "Project Glasswing: what Mythos showed us": https://blog.cloudflare.com/cyber-frontier-models/ - Anthropic, Project Glasswing: https://www.anthropic.com/glasswing - CodeWall, "How We Hacked McKinsey's AI Platform": https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform - CodeWall, "How We Hacked BCG's Data Warehouse": https://codewall.ai/blog/how-we-hacked-bcgs-data-warehouse-3-17-trillion-rows-zero-authentication - The Jerusalem Post, "Inside Israel's secret operation to turn Hezbollah's beepers into bombs": https://www.jpost.com/israel-news/defense-news/article-896890

llan Juma, Lead Cyber Security Engineer at ESET spoke to Clarence about significant security and privacy risks that smart glasses are creating. Views and News with Clarence Ford is the mid-morning show on CapeTalk. This 3-hour long programme shares and reflects a broad array of perspectives. It is inspirational, passionate and positive. Host Clarence Ford’s gentle curiosity and dapper demeanour leave listeners feeling motivated and empowered. Known for his love of jazz and golf, Clarrie covers a range of themes including relationships, heritage and philosophy. Popular segments include Barbs’ Wire at 9:30am (Mon-Thurs) and The Naked Scientist at 9:30 on Fridays. Thank you for listening to a podcast from Views & News with Clarence Ford Listen live on Primedia+ weekdays between 09:00 and 12:00 (SA Time) to Views and News with Clarence Ford broadcast on CapeTalk https://buff.ly/NnFM3Nk For more from the show go to https://buff.ly/erjiQj2 or find all the catch-up podcasts here https://buff.ly/BdpaXRn Subscribe to the CapeTalk Daily and Weekly Newsletters https://buff.ly/sbvVZD5 Follow us on social media: CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/CapeTalk CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567See omnystudio.com/listener for privacy information.

Depuis ses 12 ans, Andie Ella filme des vidéos dans sa chambre.Passionnée de maquillage, elle apprend seule sur YouTube, elle rêve de devenir maquilleuse.Elle part à 15 ans de chez elle et commence très jeune à construire sa vie à sa manière.Pendant des années, elle partage son quotidien en ligne jusqu'à créer une communauté ultra fidèle qui aujourd'hui réunit 1 million de personnes.Mais dans ses vidéos, un détail revient sans cesse : son matcha.À force de voir ses abonnés lui demander où trouver un bon matcha, elle décide de créer sa propre marque. son objectif, changer l'image du matcha en France.Le lancement est fulgurant. Ruptures de stock, croissance rapide, équipe qui s'agrandit… En quelques années, Milia Matcha devient bien plus qu'une marque d'influenceuse mais un empire.Dans cet épisode, tu découvriras :Ses débuts sur YouTube à seulement 12 ansPourquoi elle a quitté l'école très jeuneLes coulisses du lancement de Milia MatchaSon hypercroissance en seulement quelques annéesEt comment elle construit aujourd'hui une marque qui la dépasse complètement//////////////////////////////////////////////////////////////////////////////////// 

Agentic AI was the theme that pulled away from the pack at RSAC Conference 2026. Tony Anscombe of ESET makes the case that once AI shifts from being directed by humans to operating with its own objectives and logic, the security surface changes with it, and organizations are being forced to rethink what they protect and how. At the show, ESET announced two products that meet that moment head on. The ESET AI Skills Checker is a free-to-use tool coming to market. ESET AI Protection looks inside AI sessions on the endpoint, flagging sensitive data leakage, malicious links returned by AI systems, and suspicious behavior, and surfacing it all inside normal cybersecurity operations for investigation, blocking, or detection. Tony closes with a reminder worth keeping. His first RSA was in 1998, and the technology he worked on then (sandboxing, dynamic code, remote windowing, encryption, authentication) mirrors a lot of what walks the RSAC Conference floor today. The packaging evolves, the core principles do not. Build forward, but do not lose sight of what the past already proved. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES Learn more about ESET: https://www.eset.com ESET AI Skills Checker and ESET AI Protection: https://www.eset.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, AI security, RSAC Conference 2026, threat intelligence, MDR, EDR, endpoint security, AI Skills Checker, AI Protection, cybersecurity community, multifactor authentication, cybersecurity evolution Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Microsoft confirms active exploitation of two Defender flaws. Europol dismantles a VPN service tied to ransomware gangs. A nine-year-old Linux kernel bug exposes SSH keys and password hashes. Cisco patches a critical Secure Workload vulnerability, while Drupal fixes a highly critical SQL injection flaw. Android malware quietly signs victims up for premium SMS scams. Webworm upgrades its espionage toolkit with Discord and Microsoft Graph backdoors. Plus, China and Russia deepen cooperation on AI, cybersecurity, and satellite systems. Our guest is Jake Moore, Global Cybersecurity Advisor for ESET, sharing a glimpse into his Infosecurity Europe keynote "The Deepfake Interview." Greg doesn't even work here anymore… Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with Jake Moore, Keynote speaker for the upcoming Infosecurity Europe conference and Global Cybersecurity Advisor for ESET, getting a glimpse into his session "The Deepfake Interview: Breaking In From the Inside." This interview is part of our partnership with Infosecurity Europe.  Selected Reading Microsoft Defender vulnerabilities exploited in the wild (Help Net Security) Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator (Hackread) Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes (Infosecurity Magazine) Cisco Patches Critical Vulnerability in Secure Workload (SecurityWeek) Android Malware Spotted Subscribing Victims to Paid Services Without Consent (Hackread) Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking (SecurityWeek) Webworm: New burrowing techniques (We Live Security) Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems (The Record) Zombie user account let hackers control the city's water (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Zabudnite na osamelých hackerov v tmavých pivniciach z akčných filmov. Dnešný kybernetický zločin funguje ako vysoko organizovaná IT korporácia s jasnou hierarchiou a prepracovaným marketingom. Ich najčastejším a najobľúbenejším terčom sa pritom prekvapivo stali malé a stredné podniky na Slovensku.Útočníci si z napádania menších firiem vytvorili lukratívny ekosystém. Prečo sú práve slovenské malé podniky dokonalým cieľom? Majú dostatok cenných dát aj peňazí, no chýbajú im špecializované oddelenia kyberbezpečnosti. Hackeri už nerosielajú zle preložené spamy, ale dokonale vizuálne napodobňujú reálne inštitúcie, ako je napríklad Západoslovenská energetika (ZSE). Stačí jediné kliknutie na zdanlivo nevinné tlačidlo v maily s faktúrou a útočníci získajú prístup do firemnej siete, ktorý môžu na čiernom trhu predať ransomvérovým gangom za tisíce eur.O tom, ako táto digitálna mafia funguje a kedy presne treba byť v práci najviac v strehu, sa v podcaste SHARE rozprával Maroš Žofčin so špecialistom na digitálnu bezpečnosť Ondrejom Kubovičom a výskumníkom malvéru Jakubom Kaločom zo spoločnosti Eset.Podcast vznikol v spolupráci so spoločnosťou Eset.Pripravte sa na budúcnosť s knihou od redaktorov Živé.sk „Umelá inteligencia: Pripravte sa na budúcnosť“. Teraz ju máme aj v elektronickej verzii. Nájdete ju na obchod.aktuality.sk.TIP: https://zive.aktuality.sk/clanok/0RfdZVW/nahliadnite-do-buducnosti-vydavame-knihu-o-umelej-inteligencii/V podcaste sa dozviete aj o týchto témach:Prečo sú malé a stredné slovenské podniky zlatou baňou pre kyberzločincov.Prečo útočné e-maily prichádzajú najčastejšie presne medzi 9:00 a 10:00 alebo po druhej poobede.Ako rozoznať podvrhnutú faktúru, ktorá vizuálne do detailu kopíruje reálne slovenské firmy.Ako funguje biznis model, kde si „operátori“ prenajímajú škodlivý kód takzvaným „partnerom“.Odstrašujúci prípad firmy CloudEye, ktorá predávala malvér pod zámienkou ochranného programu.Prečo hackerom v skutočnosti nejde o zaplatenie falošného nedoplatku z faktúry, ale o prihlasovacie údaje.Podcast SHARE pripravuje magazín Živé.sk.

Exciting conversation alert!

New research and cybersecurity experts are warning that even strong passwords are no longer enough to protect your accounts, as hacking methods evolve and people juggle dozens of logins across their daily lives. Tony Anscombe is the Chief Security Evangelist at ESET, a global cybersecurity firm. He spoke to Andrew Carter about how to protect your passwords.

Today’s headline news for Canadian IT solution providers: HPE unifies distribution model: Hewlett Packard Enterprise announced a major shift in its distribution strategy, naming Ingram Micro and TD SYNNEX as its two global distributors. The move transitions HPE to a unified distribution model designed to deliver greater consistency and operational support for partners worldwide, accelerating enablement across the vendor’s networking, cloud, and AI portfolios. N-able names new innovation and AI chiefs: Managed services software provider N-able has expanded its executive leadership team, announcing the appointments of Robert Johnston as Chief Innovation Officer and Nicole Reineke as Chief AI Officer. The new roles are intended to reinforce the company’s focus on business resilience and embed advanced AI automation directly into its platform ecosystem. HYCU turns backup data into security intelligence: Data resilience vendor HYCU launched HYCU aiR, an AI-native solution that transforms backup data into actionable security intelligence, allowing MSPs to run rapid security posture checks across a prospect’s environment. By reading backup data as a security intelligence layer, partners can deliver overlapping intelligence as a natural extension of backup contracts. CIRA prepares sovereign channel platform: The Canadian Internet Registration Authority will officially unveil a new channel-based cybersecurity platform for MSPs at the upcoming ChannelNEXT event in Toronto. The move provides Canadian IT providers with a homegrown, sovereign option for DNS firewalling and cybersecurity awareness training. Object First launches backup monitoring cloud: Object First has launched a new cloud platform designed to help partners monitor and manage distributed data backups across their client environments. Plugable names CRO to build B2B channel: Peripherals maker Plugable has expanded its B2B strategy with the appointment of Matthew Dargis as Chief Revenue Officer. Dargis is tasked with building out a new field sales organization to capture enterprise market share. Keeper Security updates MSP program: Keeper Security has introduced its 2026 MSP Partner Program, rolling out a new tiered discount structure based on annualized revenue. MTech Cyber launches SMB assessment tool: Montreal-based MTech Cyber has released a new assessment platform, Can104.com, to help IT providers validate security protections for small business clients. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Friday, May 15, and here’s what’s happening in the channel today. Hewlett Packard Enterprise announced a major shift in its distribution strategy yesterday, naming Ingram Micro and TD SYNNEX as its two global distributors. The move transitions HPE to a unified distribution model designed to deliver greater consistency and operational support for partners worldwide. According to the vendor, this structure will be anchored by these two global leaders but complemented by regional and specialist distributors to maximize partner capabilities. The change signals a streamlined approach to enablement, with HPE expecting the unified model to drive additional investments in partner resources across its full portfolio. This includes helping distributors build deeper expertise in high-demand areas like networking, cloud, and AI. For Canadian IT solution providers, a simplified global distribution tier could mean more predictable engagements, faster quoting, and improved access to cross-sell opportunities, particularly within the HPE Networking portfolio, as priorities evolve across different customer sizes and industries. Managed services software provider N-able has expanded its executive leadership team, announcing the appointments of Robert Johnston as Chief Innovation Officer and Nicole Reineke as Chief AI Officer. The dual appointments highlight a strategic pivot toward embedding artificial intelligence and advanced automation directly into the company’s platform ecosystem. N-able noted the new roles are intended to reinforce the company’s focus on business resilience and innovation as IT providers face increasingly complex cyber and operational challenges. Designating a dedicated Chief AI Officer is a notable step in the MSP software space, signaling that AI is moving from a roadmap feature to a core architectural priority. IT solution providers running their practices on N-able can expect a more aggressive rollout of AI-driven capabilities designed to streamline technician workflows and improve automated threat response. Data resilience vendor HYCU launched HYCU aiR yesterday, an AI-native solution that transforms backup data into actionable security and compliance intelligence. Rather than relying on point solutions for data security posture management or insider risk, aiR allows organizations to query their existing backup data across dozens of SaaS applications to identify sensitive data exposure, identity drift, and unmonitored AI agent activity. For managed service providers, this alters the backup conversation. Partners can use the platform to run rapid assessments across a prospect’s environment, identifying compliance exposures within days. According to the company, midmarket customers are often priced out of standalone security tools that cover a fraction of the estate. By reading backup data as a security intelligence layer across more than 100 workloads, partners can deliver overlapping intelligence as a natural extension of backup contracts, providing a tangible way to govern shadow AI and secure data pipelines. In Brief – The Canadian Internet Registration Authority will unveil a new channel-based cybersecurity platform for MSPs at the ChannelNEXT event in Toronto later this month. Object First has launched a new cloud platform designed to help partners monitor and manage distributed data backups. Peripherals maker Plugable has expanded its B2B strategy with the appointment of Matthew Dargis as Chief Revenue Officer to build out a new field sales organization. Keeper Security has introduced its 2026 MSP Partner Program with a new tier-based discount structure tied to annualized global revenue. Montreal-based managed service provider MTech Cyber has released an assessment platform designed to help IT providers validate security protections for small business clients. Full details and links in the show notes or the blog post. Later today on In The Channel, we’ll feature a conversation with Lenovo’s global partner ecosystem head Jeff Taylor and Canada channel chief Craig Taylor on the vendor’s massive incentive consolidation and the shift to services-led revenue. And if you haven’t heard it yet, on yesterday’s episode of In The Channel, we sat down with ESET’s Cameron Tousley and Pedro Kertzman to discuss why cyber threat intelligence belongs in the MSP practice. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

Today’s headline news for Canadian IT solution providers: Acronis has launched Cyber Frame, a new hyperconverged infrastructure (HCI) and infrastructure-as-a-service (IaaS) platform built specifically for managed service providers. The platform allows MSPs to build and deliver infrastructure services with native integration into Acronis’ cyber protection and remote monitoring and management (RMM) tools. Acronis says it is designed to give service providers an alternative to legacy virtualization and hyperscaler cost pressures, offering better margin control and options for both fully hosted and partner-hosted deployments. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. The new platform is built to align IT resources more closely with evolving business needs, delivering secure access, managed services, and observability with more flexible and predictable pricing. It acknowledges that different worker profiles require vastly different access parameters in a modern hybrid environment. Upwind has launched its new AI Agentic Pack, adding agent-driven capabilities to its cloud security platform. The tools are designed to help security teams investigate threats, validate active exposures, and prioritize remediation, leaning into the growing industry trend of using autonomous agents to compress the window between threat discovery and response. Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share. He noted that partners who only experiment with AI internally—without building client-facing, revenue-generating AI practices—will be left behind in the coming wave of SMB adoption. Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale. The partnership combines Boomi’s Agentstudio with Red Hat AI, providing organizations with a framework to orchestrate AI workflows securely without losing control of their data governance or allowing cloud consumption costs to spiral. The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform. The breach highlights the growing vulnerability of critical SaaS infrastructure and the widespread supply chain impact when platforms are targeted during peak usage periods, such as university finals week. Canadian cybersecurity provider Plurilock has announced CAD $1.13 million in new critical services contracts. The wins reflect continued momentum for the AI-native security firm as it expands its footprint across both public and private sector environments, capitalizing on the growing need for identity-centric security. [powerpresss] Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Thursday, May 14, 2026, and here’s what’s happening in the channel today. Acronis has launched Cyber Frame, a new hyperconverged infrastructure and infrastructure-as-a-service platform built specifically for managed service providers. The launch comes at a critical time for the channel, as many service providers are actively seeking alternatives to legacy virtualization platforms following recent industry shakeups and pricing model changes. Cyber Frame allows MSPs to build and deliver infrastructure services with native, seamless integration into Acronis’ existing cyber protection and remote monitoring and management tools. Rather than dealing with the unpredictable costs of hyperscale public clouds or the complexity of managing disparate vendor stacks, MSPs can use Cyber Frame to consolidate their service delivery. Acronis says the platform is designed to give service providers significantly better margin control and simplified management. It offers flexible deployment options, allowing partners to choose between a fully hosted model managed by Acronis, or a partner-hosted deployment running on the MSP’s own hardware in their local data center. By combining compute, storage, networking, and security into a single unified platform, Acronis is positioning Cyber Frame as a way for MSPs to scale their infrastructure offerings profitably while maintaining the tight security posture that modern SMB clients demand. Citrix has introduced Citrix Platform Flex, a new persona-based secure access model intended to help organizations move away from static, one-size-fits-all IT delivery. In today’s hybrid work environment, the access requirements for a call center employee, a traveling executive, and a remote software engineer are vastly different. Citrix built Platform Flex to recognize these distinctions, allowing IT teams to align resources, security controls, and application delivery specifically to the varying needs of different worker profiles. The new platform delivers secure application access, managed services, and comprehensive observability under a model designed for more flexible and predictable pricing. By shifting away from rigid licensing structures that often force companies to over-provision resources for basic users, Citrix aims to help enterprises optimize their cloud and infrastructure spending. Platform Flex also incorporates advanced analytics and security policies that adapt in real-time based on user behavior and location. For channel partners, this persona-driven approach provides a clear framework to help enterprise customers rationalize their IT investments, simplify the management of distributed workforces, and ensure that security protocols do not impede productivity for end users who require high-performance access to specialized applications. Upwind has launched its new AI Agentic Pack, adding autonomous, agent-driven capabilities to its cloud security platform. As cloud environments grow increasingly complex and security operations centers face unprecedented alert fatigue, the cybersecurity industry is rapidly shifting toward agentic AI to help manage the load. Upwind’s new tools are specifically designed to help security teams autonomously investigate threats, validate whether theoretical vulnerabilities are actually exposed to active exploitation, and prioritize remediation efforts based on real-world risk. Instead of simply generating more alerts for human analysts to sift through, the Agentic Pack leverages artificial intelligence to actively investigate the root cause of an incident, map the attack path across cloud infrastructure, and propose actionable fixes. This launch leans heavily into the growing necessity of using autonomous agents to drastically compress the window between threat discovery and response. With malicious actors utilizing AI to accelerate their attacks, defenders require matching speed to counter them. For managed security service providers, Upwind’s agentic capabilities offer a pathway to scale their operations, handle a higher volume of telemetry without adding headcount, and provide faster threat containment for their clients. In brief: Nerdio vice president of MSP sales Will Ominsky warned in a Redmond Channel Partner interview today that MSPs who figure out how to monetize AI by the end of 2026 will grab massive market share.  Boomi and Red Hat have announced a strategic collaboration to deliver an integrated stack for deploying agentic AI at scale.  The U.S. Department of Homeland Security is reportedly scrutinizing Instructure after a massive ransomware attack disrupted its Canvas online learning platform.  And Canadian cybersecurity provider Plurilock has announced 1.13 million dollars in new critical services contracts.  Later today on in the channel, we’re talking eCrime Reports and Threat Intelligence with Camerous Tousley and Pedro Kertzman of ESET. And if you missed it yesterday, check out my conversation with Auvik’s Steve Petryschuk on the gap between MSPs’ expectation around AI, and the reality they have realized to date. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

Cameron Tousley, director of MSP channels for ESET North America For most MSPs, the quarterly client conversation looks something like this: here are the alerts we handled, here is your uptime number, here is a dashboard of things we blocked. Useful, certainly – but not exactly the stuff of trusted advisor relationships. Cameron Tousley, director of MSP channels for ESET North America, has a phrase for the upgrade: move from statistical talks to threat briefings. In this episode of In The Channel, he and Pedro Kertzman, threat intelligence specialist at ESET, join host Robert Dutt to explain what that actually looks like in practice – and why the window for MSPs to make that transition may be narrowing. Pedro Kertzman, threat intelligence specialist at ESET The occasion is ESET’s eCrime Reports, a threat intelligence offering that tracks cybercriminal activity at the affiliate level – the individuals buying malware-as-a-service and executing the actual attacks. Kertzman explains why that granularity matters: affiliates signal tactical shifts before attacks scale, giving security-forward MSPs a genuine early-warning advantage. Tousley adds the client conversation layer: knowing that a specific threat group is targeting your customer’s vertical via a specific attack method is a meaningfully different conversation than “we blocked 4,000 threats this month.” There’s also an uncomfortable wrinkle for MSPs specifically: as Pedro notes, affiliates increasingly exploit MSP tooling itself as a vector – compromising credentials to access managed environments quietly, hitting dozens of small clients while staying well below the radar of law enforcement attention focused on high-profile infrastructure targets. For the smaller MSP without a dedicated analyst, the entry point is more accessible than it sounds. Indicators of compromise can be automated directly into client firewalls without a full threat intelligence platform. WeLiveSecurity and the live threat feed built into ESET Protect offer a low-barrier starting point for shops that are earlier in their security maturity journey. Tousley’s closing frame is the one worth sitting with: the Canadian MSP market is being reshaped by consolidation at a pace that isn’t slowing. The independents that survive will be the ones having more sophisticated conversations with their clients. Evolve or sell. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and your host for the show. Cyber Threat Intelligence, CTI, has long been framed as an enterprise discipline. Dedicated team, security operations center, analysts who live in the data. But the threat landscape doesn’t really respect that boundary anymore. The tooling is getting more accessible, the attacks are getting more targeted at smaller organizations, and as we’ve talked about on the show before, the MSP stack itself has become a threat vector. So the question for the typical Canadian MSP isn’t really “Is threat intelligence relevant to me?” It’s “What do I actually do with it?” To dig into that, I sat down with two people from ESET. Cameron Tousley is director of MSP channels for ESET North America, and he lives squarely in the business conversation around what MSPs need to grow and differentiate. Pedro Kertzman is ESET’s resident CTI subject matter expert, and I’ll note that Pedro usually sits on the other side of the interview chair as the host of his own podcast on threat intelligence. So this was a bit of a role reversal for him. We talked about ESET’s eCrime reports, the idea of tracking cyber criminal activity at the affiliate level rather than just the group level, what proactive threat intelligence actually looks like for a 15-person MSP shop, and what Cameron described as the “evolve or sell” reality facing the MSP market right now. Let’s get right into it. Cameron, Pedro, thanks for joining us. I appreciate it. Cameron Tousley: Thanks for having us. Pedro Kertzman: Great to be here. Robert Dutt: Before we get into what ESET is specifically bringing to market, Cameron, can you give our listeners a sense for where the threat intelligence conversation is right now in the channel? Is this still primarily an enterprise kind of discussion or has something really shifted in terms of how MSPs and MSSPs are thinking about and talking about CTI? Cameron Tousley: I think that the market is evolving as a whole, no matter if you’re in the SMB segment or enterprise. I mean, it’s evolving everywhere. The beautiful thing is technology is getting cheaper, it’s getting more accessible. People are able with the advent of AI to kind of do more with less staff and things like that, and then allow their staff to kind of become more specialized. Enter in the topic of CTI. I just think that there’s an appetite from certain, and probably more evolving larger MSPs, to start incorporating more for their clients. I think they’ve always probably wanted to educate them, but it’s always that, “Hey man, just make sure I have uptime and the help desk is active when I need it.” And that’s the conversation. Fast forward to now and it’s becoming a little bit more relevant to want to consume CTI. So I’ll kind of start there and I’ll take a pause. I don’t know if Pedro’s got any other comments on that. Pedro Kertzman: No, I 100% agree. I think the threat landscape now with the maturity of the CTI offerings, MSPs can see that the things they’re trying to protect their customers against are more clearly explained and delivered in a way that they can see through CTI offerings now. So I think it’s just a natural evolution within the cybersecurity space to start leveraging that expertise as well. Robert Dutt: Without getting too far into pure positioning, how would you characterize what differentiates your approach to threat intelligence, sort of at the methodology level? What’s the philosophy behind how you’re researching and tracking threats and what you’re bringing to market with this CTI package? Cameron Tousley: Yeah, I’d say first off, our reach. We’re a global company. We have a product line, yeah, but we have 11 threat intel centers and those are also R&D centers too. So it’s a wealth of knowledge. Then we have researchers outside of that that are just remote, and so our tentacles are everywhere and that means something for somebody choosing a cybersecurity vendor or a platform because our researchers, they’re looking at a bunch of different avenues. They’re looking at the major threat acting groups. We have an offering we’ll talk about here in a few minutes, that centers on tracking affiliates because malicious activity, malware-as-a-service, is just like MSPs provide a service. So if I’m an affiliate—and I’ll define that real quick, an affiliate being the people that are buying the malware service and then going and distributing it and causing zero-day attacks—those are affiliates. So the real key part is what they do, not necessarily always the major malware-as-a-service group because that’s just one large avenue, but then you can’t predict what your customers are going to go and do on the black market. So yeah, I think we have a really exciting offering on our threat intelligence called eCrime and it comes in a feed and reports and it’s amazing. It really centers on the affiliate level and that is going to help get the conversations to be more quality with customers. It’s going to help an MSP who provides more, let’s call it reactive security at best, generalized services—which no knock against them, that’s just the model—and that’s going to help propel them into the more proactive security and having more quality cybersecurity-forward conversations with their customers of all sizes. Robert Dutt: Let’s delve a little bit more into that. Can you walk me through a scenario, even hypothetical or composite, where that affiliate-level insight would practically change the outcome for an MSP or one of their customers? How does this show up for an MSP basically? Pedro Kertzman: Yeah. So basically, I’ll take a step back a little bit just to explain how this threat ecosystem works. So the affiliates will be the ones really on the end of the line bringing that malware they got from a quote-unquote threat actor market or affiliate programs, more technically speaking per se, but they will be the ones delivering or sending that payload forward to whatever companies that they are trying to attack. So knowing how these guys work is basically going to give the companies, and the MSPs of course working for their security, the ability to stop the attack in the early stages, because the affiliates will be the ones trying to break in, acquire through whatever methods—credentials stolen or compromised credentials. So they are responsible, quote-unquote, within these affiliate programs to get the foot inside the door. So if you’re knowledgeable about how they act, what kind of techniques they use to get that foot in, you’re basically stopping the attacks before they actually become super massive, widespread attacks or super dangerous attacks. It’s kind of the proactive security instead of the reactive security. Cameron Tousley: Yeah, that’s a good comment. And then I’ll just throw one more little thing on that. I was talking about the conversations you can have with your clients, everything Pedro said, plus it’s like, you could have a specific conversation about, “Hey, this is what we blocked this month, but these are the threat acting groups, and here are the patterns, here’s the kind of malware that’s out there right now. By the way, you’re in the healthcare vertical, this threat acting group is targeting healthcare and doing this specific type of attack—happens to be phishing or fileless or whatever the complex attack is.” So they got to get really granular in the conversation. It can’t just be a super high-level one, because then your user’s not going to know what to do with that information. But if you coach them on the end-of-the-line issue and where it’s sourcing from, to Pedro’s point, you get ahead of that attack early, you might even prevent stuff that would have normally been a real headache. Robert Dutt: And you need to position yourself at least somewhat as the hero in so much as you’re saying, “Here’s the people who are attacking you, here’s what they’re doing, here’s what we’re doing proactively to counter that.” Cameron Tousley: Absolutely. Yeah, that’s a huge value to your end customer. The one that normally would have not cared about security and it’s more of an annoyance, now they’re paranoid about it, just like the MSP, just like the vendors, we’re all trying to get ahead of it. So I think that that provides a lot of value, and the average MSP is probably not going to do that. So you don’t necessarily have to go spend a ton of money, you just have to consume the information that’s out there maybe for free, and then maybe some of the paid services like the eCrime reports without buying our full threat intelligence platform, you can just do that. And that is like a huge value on its own to track exactly what we’re talking about right now. Robert Dutt: So taking a step back, I think some of this certainly informs and colors the question we go to ask, but I’m a 15-person MSP somewhere. I’ve got solid endpoint protection, an RMM stack I like, maybe managed SOC coverage, that kind of model. What’s the case, in addition to what we’ve already discussed, for why threat intelligence should be on my radar as a distinct capability I need to think about, bring to my customers and offer? Pedro Kertzman: Yeah, I think especially because again, talking specifically about the eCrime reports, we’re talking about the ones that are really perpetrating the attacks or executing the attacks. When you understand how your adversaries really act, you don’t need to always rely on the expertise of a super senior CTI analyst. There are ways that also, depending on your vendor, you can automate the expertise to just be pumping, let’s say, IOCs or IP addresses into your existing end users’ firewalls. If you manage a bunch of other firewalls for your end users, you can pump that eCrime knowledge into those firewalls in the form of IP addresses, domains, and things like that. But understanding that it’s going to be a proactive approach so they don’t get a foot in the door first, it’s kind of that decision beforehand that will give the MSPs, or MSSPs with 15 or so employees, that kind of extra leverage against those frontline attackers. Robert Dutt: I’m really interested in the idea of using intelligence and these eCrime reports as a client-facing tool, not just something that’s consumed internally, especially for that smaller MSP—something that you’re using in your QBR or whatever business review you have with customers to show your value. I’m curious, is that something you’re seeing happening today or is it a realistic use case, or is it a stretch for most MSPs right now? Cameron Tousley: I think it’s realistic. Now, let’s set the tone here. An MSP, they may not have the budget nor the expertise nor the staff to be buying a full-blown threat intelligence offering even like ours, but they can use certain parts of it like the eCrime reports. So that’s a good jumping-in point for the MSPs that are growing, or if you have 15 people on staff and there’s a good deal of them on the technical side, you may want to run your SOC in-house. Maybe that’s something you want to do. I think for them, the maturing MSP and definitely the MSSP, a threat intelligence offering is something that you will probably want to consume if you’re doing everything in-house. Now, I think there’s an argument for even if you’re going to go out-of-house and use the vendor, I still think there are free sources. We have customers that are using free platforms but running a paid feed through it. This is really dynamic. It’s flexible. It can fit to every different audience for the most part, except for the ones who are just not staffed for it and they’re probably outsourcing everything and they just don’t want to do it. They know that they are never going to be able to staff a 24×7 team and they’re also never going to be able to consume as much information as is coming in. But there are also other free resources, like I said, associated with our threat intelligence platform, like the eCrime reports, but there’s white papers that we produce. There are periodic threat reports. We do all kinds of analysis. And then on our welivesecurity.com blog, we publish all kinds of free information. And the really cool thing for existing ESET customers is through our ESET security platform, ESET Protect, we run a live feed through there and it shows you like, “Hey, here’s the latest news on WeLiveSecurity. Here is something you need to be aware of, there’s a vulnerability in the wild.” So we run some of the security stuff and this news right through a window inside of our platform, which I think is really big value added. Pedro Kertzman: Awesome. Yeah, I would add, if I can, Rob, we do have monthly digests as well on the CTI offerings, even for not super deep-down technical people. Let’s say more executives or CSMs, let’s say account managers on the MSSP or MSP side. It’s kind of an executive-ready type of report. So it’s more about the threat landscape overview. I think it helps them show that they are expanding their offerings on the security side and they’re knowledgeable about it as well. Again, doesn’t need to go in the nitty-gritty like in the weeds of IOCs and all that, but understanding, for example, that now the ecosystem on the other side is somebody providing the malware, somebody going and executing it. So just to show how they see these movements, I think it’s sometimes important enough to show that they are expanding their coverage for their end users. Robert Dutt: The reports, the eCrime reports, have been in the market about a month now, I guess. I’m curious what you’re actually hearing from MSPs and MSSPs as they’re digging into them. Are people using them the way you expected or are there surprises that you’re seeing in how they’re engaging, what they’re doing, how they’re thinking about this information? Pedro Kertzman: That’s a good question. I think because of the name, we got out of the gate with police forces reaching out to us, but in theory, it’s not the best kind of deep analysis that we’re going to give them, because they have a lot of expertise. So then we have the APT reports that would bring more detailed analysis for them. So it was interesting to see that people are kind of eager on the end-user side to see how the threat landscape, especially related to financial crimes or eCrime, are really, let’s say, hot right now. The MSPs are kind of following that trend, not as jumping on like the police forces were, but they are starting to inquire about the new eCrime reports for sure. Cameron Tousley: Yeah, I’d agree. I think the defender agencies, I’ll call them, the ones that are fighting the same battle we are, but maybe physically, but now they’re fighting the eCrime too. As they’re learning, this is a great tool for them. We find that they’re excited about it. It’s relatively new, so we’re going to see more and more adoption of it. But plenty of people who are in evaluation are like, “Hey, can I run a free month of this? I want to check it out and see what I’m going to get.” And we’re getting a lot of good feedback on it right now. I’d say on the MSSP/MSP side, again, it’s new for them too. And they do a lot of different things. So for them, they’re like, “I need to slice out some time to check this out as well because this is interesting. I don’t know if anybody else is really doing anything quite like this.” So for them to be able to check it out and add it to their offering, I think what’s going to happen is that they’ll get hooked on something like that and they’ll want more. And we’re already working on more. So our teams are hard at work. We’re adding new feeds, new reporting structures, new ways to consume it. And reasonably priced packages and things like that. Even ones where you have somebody on retainer where you can go to and get a very long deep dive on what you’re reading periodically throughout any given month. So I think with that, you’ll see a lot of internal IT large agencies adopt it. I think you’ll see some MSSPs adopt it. And you might even see some general MSPs who are evolving up that chain do the same thing. So it’s kind of a report and an offering for everybody there. Pedro Kertzman: Yeah, I think you mentioned something important, Cam. We do offer trials for the eCrime reports as well, right? If they want to test it out. Cameron Tousley: Yeah, try it before you buy it. Yeah. Robert Dutt: It sounds like you’re also thinking about ways that you can slice this, dice this, package it out to that smaller MSP or that MSP who’s not a pure-play security player going forward. I was going to ask, what do you see as coming next in CTI and in your eCrime reports? I think that’s certainly a hint. Anything else that you see sort of in the pipeline or where you’d like it to go, where partners would like to see it go? Cameron Tousley: Yeah, I’ll take a stab at this one because my heart’s near and dear to the MSP community. That’s what I’ve been working in. That’s a segment for quite a long time now for ESET. And so what I’m reading and what I’m theorizing on is that there’s other kinds of technologies that are pretty complex, have gotten more simple in the way that they’re still doing complex processes, like an EDR, right? It’s an investigative tool, and then you pair it with AI and then things become easier for the team managing it. I think it’s going to be the same thing here where you’re going to have an AI paired with it, which we have our own agentic AI agent in this offering now, which is very, very cool, and it’s built in our security platform. But for this, I think it’s going to make consuming information easier, generalizing it, summarizing it, and making sure you can spin it into a quick executive summary. My theory is click of a button, right? So I’m going to have a dashboard. I’m going to say, “Hey, I want an executive summary on this event.” So you’re basically just filtering, and then the end result is you hit that AI generate button and then it generates something that’s quality, and you can do it at various user levels, maybe various role levels. I’ll hit the CTO button or I’ll hit the CEO button and they’ll be a little bit different, obviously. So I think that it’s going to get simpler and managed intelligence as a service, that’s next. It’s already a term that’s being thrown out there a little bit if you look for it. So it’s just not mainstream yet. And I think it will be here in a short period of time. Pedro Kertzman: A hundred percent. And just to double down a little bit as well, Rob. I think especially for the smaller MSPs, let’s say you hit a critical infrastructure, you stop a pipeline or anything like that, you’re going to have federal agencies going after you, right? But then when you hit a mom-and-pop shop, nobody really cares. And those guys are often served through these smaller MSPs. So I think getting a better understanding of the threat landscape that especially targets those small businesses, I think it’s just a natural progression of the change in the threat landscape. Robert Dutt: Well, and you bring up a point that I kind of pulled on a little bit with your friend, Tony Anscombe, not too long ago. There’s so much data about how many attacks right now are taking advantage of the MSP tooling as a threat vector. And so I think that also speaks to a need for an MSP who wants to be mature and responsible about these kinds of things to have a better grip on who’s looking, what they’re looking at, and how that maps to what they’re doing. Pedro Kertzman: A hundred percent. And just to link this specifically about eCrime and affiliates, affiliates would be the ones exploiting those RMM tools, right? Because it’s something that is already deployed in the environment. If they get the credentials that got stolen for whatever reason, they have access to those tools and then they can deploy malware that they bought from those affiliate programs inside of the victim’s networks. Robert Dutt: And it’s funny, almost a reversal of back in the day, I can remember as a Mac user, there was a saying that Apple engaged in security through obscurity. What you describe is almost the opposite of that. It’s insecurity to a degree through obscurity. In that if I’m an attacker, I know that if I go after Colonial Pipeline to use your example, I’m all over the front page and there’s going to be a lot of government agencies who have a lot of serious, serious questions for me. If I take out an MSP tool that gives me access to a bunch of very small clients though, maybe I fly under the radar just a little bit more. Cameron Tousley: Oh yeah. Robert Dutt: This is my last question. If there’s one shift in thinking that you’d want a Canadian MSP to walk away with after this conversation, in terms of how they think about these reports, in terms of how they think about the role of threat intelligence in their business, you know, one thing they should reconsider about how they’re approaching their security practice, what would that be? Pedro Kertzman: So I think first, Rob, that’s kind of more of a mindset type of thing. CTI still sounds super complex to a lot of people. I would say there are two main flavors. One, if you really want to dig into techniques and all that, yes, you can get fairly technical and sophisticated, but there are really simple ways to ingest cyber threat intelligence into existing automated tools. You can, of course, do a POC with one, two, whatever vendors you want to do. Once you find that real value for your customers, your end users, then it’s automated. We’re talking about data feeds ingesting directly into a firewall. If you don’t have a CTI central brain kind of thing, which the market knows as a TIP (threat intel platform), you don’t need to go that route, the sophisticated route. There are simple ways to use threat intelligence. And honestly, it’s super valuable because it’s just, again, automated. You’re outsourcing the knowledge to the vendor directly who’s going to execute that, like a firewall, for example. Cameron Tousley: Yeah, I think that’s some really good commentary. And I have a lot of business conversations with MSP business owners and I follow the market, and the consolidation, there’s tons of it. And there has been for a few years, but it’s just insane right now. And I think that there’s this thing going around, it’s like, look, evolve or sell. Because you have the advent of AI and that’s speeding everything up tenfold. And just don’t be afraid. If you want to continue to run your business, don’t worry, you’re going to have clients out there in your locale that probably love you. But they’re also going to have people calling them as these other MSPs get bigger, and these national ones that swallow other little smaller companies and then their go-to market will be, “Well, let’s go down market, down market,” because we can’t always go up market, that’s pretty hard to do. But down market is like shooting fish in a barrel kind of thing. So that means it’s a risk for the smaller MSPs that are not going to sell out, that want to be in business another 10 or 15 years. So don’t be afraid, utilize AI to research it. They say don’t use AI as Google, I disagree a little bit, but you can use it for a lot of things. This can summarize: what is this offering? Can I use it? Ask it really basic questions to get acquainted, and then take the next step and call your vendor and just have a conversation with them and say, “What are all my options? I am in this locale, I serve these kind of verticals, here’s my sizing, here’s the tools I use.” You’ve got to throw everything out on the table because then your vendor, somebody like a technical or business contact, can jump in and say, “Look, I think that you should check out this part of this larger offering. And here’s what I’ll do for you. And here’s what you’re going to do. We’ll give you a game plan, right? You’re going to trial it in the following ways, we’re going to pair you up with a technical person to teach you a little bit and be your co-pilot—Microsoft gets enough press.” But really kind of jump in, try it out. Don’t be afraid. Because if you want to be around another 10 or 15 years, you have to make the leap. And you don’t have to do anything big, but you have to start adopting some of this security-forward thinking so that you can have threat briefings with your clients and not statistical talks. There was just that MSP summit and there was actually a panel on what the next gen of MSPs is doing. And it was funny to hear it because they’re like, “Well, we’re focused on outcomes.” And I totally agree, but I know some of the older MSPs are like, “Well, we’re focused on outcomes too.” But I think it’s the talk track. You’re all saying the same thing, but you need some more complex tools in some ways to be able to have these more outcome-based discussions. Like, “Hey, I not only blocked X amount of threats, I kept your uptime up in this way, and that allowed you to keep productivity up. So by my clock here, you were able to achieve all those things that you wanted to achieve in our initial meeting, we’re on track.” That’s the conversation you want to have in addition to that little bit of the threat briefings peppered in. Robert Dutt: All right. Some great advice there. Gentlemen, thank you both for taking the time. I appreciate it. Cameron Tousley: Thank you, Rob. Pedro Kertzman: Great to be here. Cameron Tousley: Absolutely. It was a pleasure. Thanks so much. Robert Dutt: There you have it, Cameron Tousley and Pedro Kertzman from ESET. I’d like to thank both Cameron and Pedro for their time. They did exactly what we set out to do with this conversation, kept it firmly in the strategy lane with technical depth in service of the business point rather than the other way around. A few things to leave you with. The framing that stuck with me most was Cameron’s distinction between statistics talk and threat briefings. The idea that your quarterly client review shifts from “here’s how many threats we blocked” to “here’s the specific group targeting your vertical right now. Here’s how their affiliate operates, and here’s what we’ve already done about it.” That’s a real upgrade in how an MSP demonstrates value. It moves you from uptime vendor to trusted advisor and that’s a conversation your competitors probably aren’t having yet. On the technical side, Pedro’s explanation of affiliate-level tracking is worth sitting with. The headline ransomware groups get the attention, but it’s the affiliates, the ones buying malware-as-a-service and doing the actual execution who determine the tactics on the ground. Tracking them is what gives you an early warning before the attack scales. And as I noted during the conversation, there’s a certain logic in how attackers exploit the MSP model specifically. Go after the tooling, stay under the radar, quietly compromise a hundred small clients instead of one high-profile target. Obscurity in that scenario is working against you. For the smaller MSP who’s heard all of this and thought, “I’m not staffed for this,” Pedro’s entry point is worth considering. You don’t need a full threat intelligence platform or a dedicated analyst to start. Automate the ingestion of indicators of compromise directly into your clients’ firewalls. Let the tooling do the work. It’s not glamorous, but it’s real, actionable and it’s a lot more than most of your competitors are doing. And Cameron’s closing thought, “evolve or sell,” is the frame I’d put around all of it. The consolidation wave hitting the MSP market right now is not slowing down. The shops that survive as independents will be the ones that have more sophisticated conversations with their customers. Threat intelligence is one of the things that helps you have those conversations. If you found this one useful, please follow or subscribe to the podcast wherever you listen. We’re on Apple Podcasts, Spotify, YouTube, all the major podcast directories. Ratings and reviews are always appreciated. Until next time, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

(Deze versie heeft verbeterde audio kwaliteit tov de versie van voor 11 mei)Hebben we in deze tijden van AI nog anti virus nodig? AI kan zich immers eenvoudig aanpassen om onder de radar van detectie te blijven, zo gaat het verhaal.Dave Maasland, CEO van ESET verteld in deze aflevering waarom hij denkt dat juist de verdedigers in het voordeel zijn in deze tijden van AI.Daarnaast hebben we het over waar je als CISO op zou moeten letten als je end point beveiliging wil gaan inkopen.Wederom een interessante aflevering dus!YouTube

Aujourd'hui, je te recommande un podcast… dans lequel j'ai été interviewée !Marine m'a invitée dans Work in Process pour parler d'un sujet qu'on adore toutes les deux :les petites offres (ou “produits d'appel”, ou “offres pied dans la porte”).L'épisode s'intitule « Comment créer des produits d'appel et des petites offres irrésistibles ».On y parle :– de quand et pourquoi créer ce type d'offres– de comment les promouvoir efficacement– et de pourquoi elles sont souvent sous-estiméesEt si tu veux prolonger ta réflexion, je t'ai préparé une petite sélection de Minutes Marines :– MM#99 : c'est quoi une offre de service ?– MM#102 : les offres pied dans la porte– MM#188 : les différents types d'offresEt toi, t'as déjà testé une offre pied dans la porte ?Tu sais ce que tu veux vendre, et à qui ?(Pour me répondre, envoie-moi un mp sur Linkedin

Esta mañana en #Noticias7AM entrevistamos a Fátima Rodríguez, Investigadora de seguridad informática de ESET.  Tema: Cuánto cuestan los datos filtrados en México. #Uniradioinforma

Send us Fan MailWhat happens when cybersecurity meets fatherhood, leadership, and real-life decision making?

AI hackuje počítačové systémy a aplikácie. ➡️ Je AI nebezpečná? ➡️ Je pre nás AI hrozba alebo ju vieme ovládať a zmysluplne využiť? ➡️ Ako používa ESET umelú inteligenciu vo firme? ➡️ Prečo antivírus rozpoznáva deepfake videá inak, ako zisťovaním pravosti obrazu? Hostia:

Today’s headline news for Canadian IT solution providers: Hewlett Packard Enterprise expands software channel push: Hewlett Packard Enterprise is doubling its dedicated sales team to drive its Hybrid CloudOps software portfolio through the channel. According to CRN, Rocco Lavista, vice president and general manager of worldwide Hybrid CloudOps software sales at HPE, noted that rising global memory prices and the resulting hardware cost pressures are actively driving demand for virtualization alternatives like VM Essentials. For Canadian MSPs and VARs grappling with supply chain volatility and tightening server margins, the vendor’s expanded software push offers a potential pivot point to maintain profitability through higher-margin recurring revenue streams. AvePoint and Omdia research highlights AI governance gap: AvePoint and Omdia have released new global research indicating that governance and compliance, rather than technical capability, represent the primary barrier to AI monetization. Based on a survey of over 300 MSPs, 51 percent cited governance as the main obstacle to customer AI adoption. The report highlights a significant execution gap: while 94 percent of respondents are committed to AI readiness, only 43 percent report high maturity in their service delivery. As Canadian solution providers face increasing data sovereignty requirements, the research suggests that packaging AI governance as a standalone service is a viable path to capturing a share of a market Omdia projects will reach $276 billion by 2030. ESET tracks cyber insurance influence on the channel: Security vendor ESET has published its 2026 SMB Cyber Readiness Index, highlighting the growing influence of cyber insurance underwriters on the managed services landscape. The report found that 78 percent of Canadian small and medium-sized businesses now carry cyber insurance, with insurers increasingly mandating specific security controls. Among Canadian SMBs that outsource their security, 27 percent are now bypassing traditional providers to use a cyber insurer offering Managed Detection and Response (MDR) services. For the Canadian channel, the data underscores a critical shift: insurers are setting the baseline, and MSPs must integrate advanced monitoring capabilities to prevent clients from migrating to insurer-provided solutions. Read Full Transcript Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Thursday, April 23, 2026, and here’s what’s happening in the channel today. Hewlett Packard Enterprise is doubling its dedicated sales team to drive its Hybrid CloudOps software portfolio through the channel. According to Rocco Lavista, vice president and general manager of worldwide Hybrid CloudOps software sales at HPE, the vendor is actively working to accelerate partner attach rates for its software suite. Lavista recently noted that rising global memory prices and the resulting hardware cost pressures are actively driving demand for virtualization alternatives like VM Essentials. For Canadian MSPs and VARs grappling with supply chain volatility and tightening server margins, the vendor’s expanded software push offers a potential pivot point to maintain profitability through higher-margin recurring revenue streams. AvePoint and Omdia have released new global research indicating that governance and compliance, rather than technical capability, represent the primary barrier to AI monetization for managed service providers. Based on a survey of over three hundred MSPs, fifty-one percent cited governance as the main obstacle to customer AI adoption. The report highlights a significant execution gap: while ninety-four percent of respondents are committed to AI readiness, only forty-three percent report high maturity in their actual service delivery. As Canadian solution providers face increasing data sovereignty and privacy requirements, the research suggests that packaging AI governance as a distinct, standalone service may be the most viable path to capturing a share of a market Omdia projects will reach two hundred and seventy-six billion dollars by 2030. Security vendor ESET has published its 2026 SMB Cyber Readiness Index, highlighting the growing influence of cyber insurance underwriters on the managed services landscape. The report found that seventy-eight percent of Canadian small and medium-sized businesses now carry cyber insurance, with underwriters increasingly mandating specific security controls as a condition of coverage. Among Canadian SMBs that outsource their security, twenty-seven percent are now bypassing traditional providers to use a cyber insurer offering Managed Detection and Response services, while thirty-eight percent remain with a traditional MSP. For the Canadian channel, the data underscores a critical shift: insurers are actively setting the security baseline, and MSPs must integrate advanced monitoring capabilities to prevent clients from migrating to insurer-provided solutions. Later today on In The Channel, my conversation with Eric Arcese, vice president of global partner marketing at Dell Technologies, discussing the AI Factory, VxRail’s evolution, and what’s ahead. And if you haven’t heard it yet, be sure to check out yesterday’s chat with Rewst founder Aharon Chernin on building the automated MSP. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening.

The dominant structural shift discussed in the episode is the movement from tools-based differentiation to a market defined by proof and liability. This shift is driven by the rising demand for continuous, auditable control over data location, access, and change—requirements increasingly codified by policy mandates, insurance underwriting, and regional AI governance. As illustrated by France's shift away from Windows to Linux across government ministries, enforced through formal governmental policy, the conversation is moving beyond technology preferences to mandated operational boundaries and verifiable compliance. The episode cites findings from ESET's 2026 SMB Cyber Readiness Index, reporting that 86% of US SMBs and 78% of Canadian SMBs carry cyber insurance, with over half of US-insured SMBs required to implement explicit security controls by insurers. Underwriters increasingly demand evidence of controls like MFA, immutable backups, and EDR—not just attestations—at renewal, underwriting, and post-incident. Public sector mandates, such as France's comprehensive push for sovereignty encompassing OS, collaboration, cloud, and AI platforms, are producing enforceable requirements that cascade to commercial contracts and the MSP channel. Supporting developments include Gartner's forecast that by 2027, 35% of countries will be locked into region-specific AI platforms. This is reinforced by channel research from Channel Insider and a survey of 333 MSPs by AvePoint and Omnia, both pointing to governance—not AI tooling—as the leading blocker for MSPs adopting new technologies. Microsoft's move toward metered AI billing and the proliferation of shadow data (with more than 80% of sensitive data potentially sitting outside formal controls, according to Palo Alto Networks research) further highlight how operational complexity and fragmented governance elevate risk for service providers. For MSPs and IT leaders, these trends increase contractual and operational exposure. Failure to recognize that the market is purchasing assurance rather than tool support will leave providers absorbing liabilities related to insurance control failures and unmetered operational costs, often under fixed-fee models that do not account for new governance demands. Providers are advised to immediately review contract language for obligations tied to security controls, reconsider pricing and scope in governance delivery, and prepare for insurer-driven requirements such as third-party access to telemetry or continuous control attestations. The takeaway is that defensible, auditable evidence—not stack management—will define margins, accountability, and long-term client relationships. 00:00 Sovereignty Squeeze 04:22 Spawl Blindspot 07:02 Proof Pays 09:35 Why Do We Care?  Supported by:  ScalePad CometBackup 

El programa 2861 de Radiogeek, les habló de varios temas importantes. Un rumor afirma que iOS 27 dejará a cuatro iPhone sin compatibilidad; Despídete de los deepfakes de famosos en YouTube; Google Fotos acaba de lanzar un filtro de belleza para 1.500 millones de personas; Trump elogia a Tim Cook; Trump insinúa un posible acuerdo entre el Pentágono y Anthropic a medida que disminuyen las tensiones; por ultimo hablo de la portada de Economista y del ESET security days 2026 en Argentina. Toda esta información la pueden encontrar desde nuestra web www.infosertec.com.ar o bien desde el canal de Telegram/Whastapp, o Instagram. Esperamos sus comentarios.

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-443

So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers. Managing Cyber Risk as Financially Motivated Attacks Grow The ransomware and eCrime landscape continue to evolve at a rapid pace. ESET's global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit https://securityweekly.com/esetrsac to learn more about them! Attack Surface Just Got a Copilot AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastrsac to learn more about them! Show Notes: https://securityweekly.com/bsw-443

Mardi 14 avril, Frédéric Simottel a reçu Benoit Grunemwald, expert en cybersécurité chez ESET, Gérôme Billois, associé en cybersécurité et confiance numérique au sein du cabinet Wavestone, et Pascal Le Digol, directeur général France de WatchGuard Technologies, dans l'émission Tech&Co Business sur BFM Business. Retrouvez l'émission le samedi et réécoutez la en podcast.

It's getting tougher than ever to distinguish between a real and AI created video. That also goes for fraud. AI is creating such believable emails and websites that customers have to work hard not to fall for them. So what's to be done to protect companies and consumers from fake CEO messages or urgent but fake letters from legit clients? To discuss this and more was Righard Zwienenberg is a Senior Research Fellow with ESET .

In dieser Folge von „WeTalkSecurity" geht es um Threat Intelligence: was sich hinter dem Begriff verbirgt, wie Unternehmen davon profitieren, welche Rolle APT-Gruppen und geopolitische Konflikte dabei spielen – und warum Datenqualität wichtiger ist als Datenmenge. Philipp Plum spricht mit Steffen Schmidt, Manager of Sales Engineering bei ESET, darüber, wie Rohdaten und Telemetrie in verwertbare Bedrohungsinformationen verwandelt werden, was Datafeeds und APT-Reports leisten, welche Einstiegshürden bei der Implementierung bestehen und wie KI bzw. Machine Learning die Analyse von Bedrohungslagen künftig weiter vereinfachen wird.

On the RSAC Conference show floor, Tony Anscombe shared how ESET has expanded its threat intelligence offering with ECR reports -- designed to give commercial organizations both machine-readable feeds and human-readable analysis. The reason: threat actors are increasingly hard to attribute, they share tools, run coordinated campaigns, and reinvest profits into more sophisticated operations. Having someone do the research and surface actionable intelligence is no longer a luxury. Anscombe pointed to a telling campaign pattern from last year: threat actors refined attack methods against UK retailers, then rapidly adapted those same techniques against US retailers. The implication is clear -- your business may be unique in its infrastructure, but it is not unique in its sector. Understanding how your sector is being targeted is the foundation of a prevention-first posture. Automation came up as equally non-negotiable. If it takes three days to collect all the information needed to make a determination about an incident, the post-attack phase has already begun. ESET Inspect is designed to flip that equation: when an analyst opens an incident, the forensic analysis is done, the evidence is visualized, and the determination can be made on facts rather than gathered through investigation. Anscombe was careful to draw a line between automation as speed and automation as replacement. ESET's position is that AI should operate alongside human expertise -- trust and verify applies to AI-assisted analysis just as it does to any intelligence feed. Oversight remains essential, even as the tooling gets faster. A preview of upcoming survey data offered one of the more striking moments in the conversation. Roughly 35% of SMBs using MDR are sourcing that service directly from their cyber insurer. Anscombe flagged the monoculture risk: when a large share of businesses in the same sector run identical security stacks, a single point of failure becomes a sector-wide vulnerability. His advice after 30 years in the industry -- different organizations should deliberately choose different platforms to maintain diversity. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET: https://www.eset.com ESET Threat Intelligence: https://www.eset.com/int/business/services/threat-intelligence/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, threat intelligence, cyber resilience, MDR, EDR, XDR, managed detection and response, SMB security, cybersecurity automation, RSAC Conference 2026, prevention-first security, cyber insurance, monoculture risk, ESET Inspect, APT research Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Les cybercriminels passent à la vitesse supérieure avec des attaques toujours plus crédibles et automatisées. Entre faille critique sur iOS et arnaques dopées à l'IA, les risques n'ont jamais été aussi élevés.Interview : Benoît Grünenwald, expert cybersécurité chez ESETEn partenariat avec ESETPunchlinesLes deepfakes deviennent de plus en plus crédibles.Les cyberattaques sont désormais industrialisées.Les données personnelles alimentent les arnaques ciblées.Mettre à jour ses appareils est indispensable.Parlons tout d'abord ce cette faille iOS particulièrement inquiétante : de quoi s'agit-il ?Cette alerte va au-delà d'une simple faille. On parle d'un kit d'exploit, c'est-à-dire un ensemble d'outils permettant d'utiliser une vulnérabilité pour prendre le contrôle d'un appareil. Dans ce cas précis, il suffit de visiter un site piégé avec un iPhone non à jour pour être infecté. Le scénario est simple : je reçois un SMS avec un lien, je clique, j'arrive sur un site compromis, et l'exploit s'exécute automatiquement. À partir de là, l'attaquant peut prendre le contrôle total de mon téléphone et accéder à mes données personnelles comme les contacts, les photos ou ma position.Nouveau sur le marché : les arnaques de livraison à base de deepfakesEn effet, on observe une nouvelle génération d'arnaques utilisant des images générées par IA. Par exemple, je reçois un message d'un prétendu livreur avec une photo d'un colis à mon nom, parfois même avec mon adresse. Ce qui change, c'est la personnalisation et l'industrialisation. Les cybercriminels ne se contentent plus de messages génériques : ils utilisent des bases de données et des outils automatisés pour générer des messages et des images sur mesure à grande échelle. Même si certaines images peuvent sembler imparfaites, elles deviennent de plus en plus crédibles. Et surtout, dans un contexte d'urgence ou de distraction, elles peuvent facilement tromper.Pourquoi le phishing explose-t-il autant aujourd'hui ?Les fuites de données jouent un rôle clé. Elles fournissent aux cybercriminels une énorme quantité d'informations personnelles qu'ils exploitent pour rendre leurs attaques plus convaincantes. On observe aussi une diversification des scénarios : colis, sécurité sociale, offres promotionnelles… Par exemple, des fausses offres de cartes de réduction très attractives peuvent inciter à cliquer rapidement sans vérifier. Les attaques sont de mieux en mieux construites, avec des noms de domaine crédibles et des messages personnalisés. Si on prend le temps d'analyser, on peut détecter des incohérences, mais dans la précipitation, le risque d'erreur est réel.Quels sont les réflexes essentiels pour se protéger ?Le premier réflexe, c'est la vigilance face aux messages non sollicités, quel que soit le canal : SMS, email ou messagerie. Le second, fondamental, c'est de maintenir tous ses appareils à jour. Dès qu'une mise à jour est disponible, il faut l'installer. C'est une mesure simple mais essentielle pour se protéger contre les failles connues.Hébergé par Audiomeans. Visitez audiomeans.fr/politique-de-confidentialite pour plus d'informations.

Décision de justice historique contre les géants des réseaux sociaux. OpenAI se prépare à la Bourse. Anthropic invente l'agent IA télécommandé. Google crée un "compresseur" pour IA afin d'économiser la mémoire informatique. Sony abandonne son projet de voiture. Nouvelle cyberarnaque au deepfake. Une bibliothèque mondiale du logiciel

RSAC: Retiring "APT," FCC's US-Made Router Ban, Zoom Call Scraping, Iran-Targeting Wiper, and Cyber Terrorism Insurance From RSAC 2026, host David Shipley highlights ESET researcher Robert Lipowsky's argument to retire the overused "advanced persistent threat" label and instead describe actors by motivation and activity, noting blurred lines between nation-state and criminal tooling. He also reports RSAC vendor trends (zero trust fading, "agentic AI" everywhere) and standout booth themes. In Washington, the FCC bans authorization of any new Wi‑Fi router models not made in the United States, citing supply-chain risk and attacks like Volt Flax and Salt Typhoon, impacting an industry largely manufacturing abroad unless exemptions are granted with plans to reshore. The episode details Webinar TV allegedly joining public Zoom links to record calls and publish AI-generated podcast recaps, and a Kubernetes-targeting campaign linked to the Trivy supply-chain attack that deploys an Iran-checking wiper. Finally, Treasury seeks comments on expanding the terrorism risk insurance backstop (TRIP) to cover cyber losses. Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst   00:00 Sponsor Meter Intro 00:18 Headlines Preview 00:58 Retiring The APT Label 02:51 RSAC Floor Trends 05:08 FCC Router Ban 06:43 Zoom Calls Turned Podcasts 09:29 Iran Targeting Wiper 10:57 Cyber Terrorism Insurance Debate 13:15 Wrap Up And Thanks 13:44 Sponsor Meter Outro

Tony Anscombe has attended RSA Conference since 1998 -- back when it was held at the Fairmont Hotel. That long view informs everything about how ESET approaches threat intelligence. It is not about volume. It is about accuracy, speed, and putting the right signal in front of the right team at the right moment. The ESET eCrime Ecosystem Report comes in two forms: a business-facing summary outlining current risks for leadership, and a long-form technical report for analysts -- complete with IOCs, coding examples, and structured intelligence feeds covering ransomware, crypto scams, malicious email attachments, and infostealer data. These feeds are built to plug directly into SOC workflows and firewall rules, not to create more work for already stretched teams. Tony Anscombe is direct about the quality problem in threat intelligence. Open-source feeds sound appealing -- until you factor in the analyst hours required to clean out the noise. By then, the intelligence is stale. Attacks circle the globe in hours. Near-real-time, verified intelligence is not a premium -- it is the baseline requirement. The threat detection conversation has also moved well past malware. Anscombe walks through how modern attackers often skip the payload entirely -- credential theft gets them in, then slow lateral movement and data exfiltration follow, with ransomware as the final act rather than the first signal. ESET's platform focuses on behavioral anomaly detection across the full environment, with on-site, cloud, and managed deployment options for organizations that cannot or will not go all-in on cloud architecture. At RSAC Conference 2026, ESET will be at booth 5253 in Moscone North. Anscombe has two sessions on the Wednesday agenda: one on supply chain blind spots -- urging security teams to engage directly with the business side to map third-party risk fully -- and a community rant session tackling four things that need to change in cybersecurity, including the cryptocurrency regulation debate. On AI, his message is measured: the real conversation at the show is not about using AI -- it is about securing it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET website: https://www.eset.com ESET threat research blog (WeLiveSecurity): https://www.welivesecurity.com ESET at RSAC Conference 2026 -- Booth 5253, Moscone North Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, RSAC Conference 2026, eCrime, threat intelligence, eCrime Ecosystem Report, cybersecurity, endpoint protection, MDR, threat detection, supply chain security, AI security, ransomware, infostealer, brand spotlight, brand marketing, marketing podcast, brand story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.) Three Buddy Problem - Episode 89: We discuss Iran hacktivist group 'Handala' wiper attacks against US medical device maker Stryker, Microsoft Intune MDM tool abuse, and whether Iran's cyber retaliation is as scary as the headlines suggest. Plus, ESET's discovery that Russia's APT28 original implant developers are back after years of silence, Dutch intelligence warnings on Russian campaigns targeting Signal and WhatsApp accounts, Apple finally patching Coruna exploit kit vulnerabilities for older iPhones, and Google sharing Coruna samples that raise new questions about the exploit kit's proliferation chain. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

The MSP market is undergoing a critical shift toward risk management as the central value proposition, with operational accountability now defined by the ability to produce defensible documentation and deliver rapid incident response. According to Dave Sobel, MSPs are no longer primarily offering stack management, but are increasingly brokering risk through cyber warranties, insurance underwriting, incident retainers, and AI governance frameworks. Those unable to support their claims with evidence and formal processes risk becoming mere facilitators for third-party terms and losing control over their margins. Recent developments reinforce this shift. A Splunk report finds that nearly all CISOs now view AI governance and risk management as their responsibility, citing threat actor sophistication as a primary driver. AI is assisting with event triage and data correlation, but verification—especially around AI-generated content—is unreliable, with detection tools struggling against advanced fakes. Insurance mechanisms are becoming productized with prioritized incident response, and legal intelligence is being embedded into MSP workflows. Vendors like N-able, Monjur, SentinelOne, and DocuSign are directly integrating financial, legal, and governance functions into their offerings, fundamentally altering client and vendor relationships. Adjacent stories illustrate volatility in traditional safeguards and the operational reality of adaptive threats. CISA leadership changes indicate instability in public response institutions. AI-powered malware exemplifies the challenge: ESET's PromptSpy uses Gemini to continuously adapt its persistence, outpacing static detection models. Insurance underwriters are increasingly demanding machine-verifiable evidence of controls, using detailed questionnaires to distinguish autonomous AI from marketing claims. The risk is no longer just technical; it is structural. For MSPs and IT leaders, operational posture is now shaped by an ecosystem of embedded warranties, legal terms, governance requirements, and adaptive threats. The ability to document, defend, and productize risk controls becomes a baseline for credibility and insurance eligibility. Failure to build evidence pipelines and clarify vendor-imposed liabilities exposes service providers to compounded risk. The practical implication is a necessity for MSPs to treat governance and detection as measurable, documented capabilities—not assumptions or routine paperwork. Three things to know today: 00:00 CISOs Own Governance, Detectors Lag Fakes, Response Gets Contracted — Accountability Follows 03:14 N-able, SentinelOne, DocuSign Move Risk Management Into the Stack — MSP Terms Follow 05:10 CISOs Want Agentic AI, But Insurers and Adaptive Malware Are Forcing the Timeline 07:32 Why Do We Care?  Supported by:  CometBackUpSmall Biz Thoughts Community

On pensait l'intelligence artificielle générative cantonnée aux assistants virtuels et aux outils de productivité. Mais elle intéresse aussi les cybercriminels. Le 19 février 2026, les chercheurs d'ESET ont révélé l'existence de PromptSpy, un malware Android qui s'appuie sur le modèle Gemini de Google pour s'adapter aux téléphones de ses victimes. Et ce n'est peut-être qu'un avant-goût de ce qui arrive. Pour comprendre ce qui rend PromptSpy inédit, il faut revenir aux limites des malwares classiques. Habituellement, ces logiciels malveillants fonctionnent avec des scripts rigides : des coordonnées de clics prédéfinies, des boutons identifiés à l'avance. Problème : Android n'est pas uniforme. Chaque constructeur modifie l'interface, chaque mise à jour peut déplacer les menus. Résultat, les scripts se retrouvent vite obsolètes.PromptSpy contourne cette faiblesse grâce à l'IA. Concrètement, il capture une image de l'écran de la victime et l'envoie à Gemini. Le modèle analyse les éléments visibles — boutons, textes, icônes — et renvoie des instructions personnalisées, comme « appuie ici » ou « fais glisser là ». Selon Lukas Stefanko, chercheur chez ESET, cette approche permet au malware de s'adapter automatiquement à n'importe quel smartphone ou version d'Android. Une souplesse inédite. L'objectif principal est la persistance : rester installé quoi qu'il arrive. PromptSpy se verrouille dans la liste des applications récentes d'Android, en s'épinglant avec un cadenas virtuel. Impossible alors de le fermer d'un simple geste. Le dialogue avec l'IA continue jusqu'à confirmation que le verrouillage est effectif.Mais le cœur du danger réside ailleurs : dans un module VNC. Cette technologie permet aux attaquants de voir l'écran en temps réel et de contrôler le téléphone à distance, comme s'ils le tenaient en main. Le malware abuse aussi des services d'accessibilité — des fonctions prévues à l'origine pour aider les personnes en situation de handicap — afin d'empêcher la désinstallation grâce à des superpositions invisibles. Les chercheurs ont découvert ces zones cachées en activant un mode de débogage laissé dans le code. PromptSpy peut enregistrer l'écran, récupérer des codes PIN, lister les applications installées et transmettre ces données via des communications chiffrées. Pour le supprimer, il faut redémarrer en mode sans échec — un mode qui désactive les applications tierces — puis effacer l'application frauduleuse, baptisée MorganArg, qui imite une banque. Pour l'instant, aucune infection massive n'a été détectée. Mais pour ESET, le signal est clair : après PromptLock en 2025, l'IA devient un outil d'adaptation pour les malwares. Google a été alerté et Play Protect bloque les versions identifiées Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Aujourd'hui, je te recommande un podcast… dans lequel j'ai été interviewée !Marine m'a invitée dans Work in Process pour parler d'un sujet qu'on adore toutes les deux :les petites offres (ou “produits d'appel”, ou “offres pied dans la porte”).L'épisode s'intitule « Comment créer des produits d'appel et des petites offres irrésistibles ».On y parle :– de quand et pourquoi créer ce type d'offres– de comment les promouvoir efficacement– et de pourquoi elles sont souvent sous-estiméesEt si tu veux prolonger ta réflexion, je t'ai préparé une petite sélection de Minutes Marines :– MM#99 : c'est quoi une offre de service ?– MM#102 : les offres pied dans la porte– MM#188 : les différents types d'offresEt toi, t'as déjà testé une offre pied dans la porte ?Tu sais ce que tu veux vendre, et à qui ?(Pour me répondre, envoie-moi un mp sur Linkedin

Z čašníka a pomocníka na patológii až na pódiá, kde prednáša tisíckam ľudí. Pavla to do sveta kyberbezpečnosti odvialo úplne náhodou. 9 rokov bol v ESET-e a dnes má svoju vlastnú firmu, ktorá učí ľudí nenechať sa v online priestore nachytať.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the recent Russian attack on Polish electricity infrastructure. This episode is also available on Youtube. Show notes ESET's first report ESET's update report CERT-PL report Dragos report The Insider 'Hidden Bear' investigation BTN 124, How Russia's sabotage team got into hacking BTN 145, Russia's cyber war on wheat

(Presented by Material Security: We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 83: Poland's CERT documents a rare, explicit wiper attack on civilians in a NATO country, including detailed attribution of a Russian government op targeting the electric grid in the heart of winter. We examine why this crosses a long-avoided threshold, why attribution suddenly matters again, and what it says about pre-positioned access, vendor insecurity, and the shrinking gap between cyber operations and acts of war. Plus, another Fortinet fiasco, a new batch of Ivanti zero-days under attack, an emergency patch from Microsoft and the return of the mysterious KasperSekrets account. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Grok's creation of sexually explicit images. Glimmers of access pierce Iran's internet blackout. Koi Security warns npm fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of  multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the cyberattack on Poland's energy sector to Russia's Sandworm. This week's business breakdown. Brandon Karpf joins us to talk space and cyber. CISA sits out RSAC.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is cybersecurity executive and friend of the show Brandon Karpf with Dave Bittner and T-Minus Space Daily host Maria Varmazis, for our monthly space and cyber segment. Brandon, Maria and Dave discuss “No more free rides: it's time to pay for space safety.” Selected Reading FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys (Hackread) European Commission opens new investigation into X's Grok (The Register) Amid Two-Week Internet Blackout, Some Iranians Are Getting Back Online (New York Times) Hackers can bypass npm's Shai-Hulud defenses via Git dependencies (Bleeping Computer) Microsoft investigates Windows 11 boot failures after January updates (Bleeping Computer) CISA says critical VMware RCE flaw now actively exploited (Bleeping Computer) CISA confirms active exploitation of four enterprise software bugs (Bleeping Computer) ESET Research: Sandworm behind cyberattack on Poland's power grid in late 2025 (ESET)  Aikido secures $60 million in Series B funding. (N2K Pro Business Briefing) CISA won't attend infosec industry's biggest conference (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.   Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

No episódio desta quarta-feira (7), conversamos com Daniel Barbosa, pesquisador de segurança da ESET no Brasil, sobre as perigosas tendências de golpes digitais para 2026. O especialista detalha como a inteligência artificial é usada para criar Deepfakes de voz e vídeo extremamente realistas e aprimorar a engenharia social, e por que o Pix é um alvo de fraude tão desejado por golpistas. Você também vai conferir: Novo iPhone "barato" está a caminho; X afirma que vai suspender contas de quem cria conteúdos ilegais com a IA Grok; Google facilita migração de arquivos do Dropbox para o Drive nas empresas. Este podcast foi roteirizado e apresentado por Marcelo Fischer, e contou com reportagens de Vinícius Moschen, Viviane França e João Melo, sob coordenação de Anaísa Catucci. A trilha sonora é de Guilherme Zomer, a edição de Lívia Strazza e a arte da capa é de Erick Teixeira.See omnystudio.com/listener for privacy information.

Our daily digital tools—browsers, apps, and smart devices—offer convenience but also expose us to hidden security risks. This guide reveals how ordinary technologies can imperil privacy and safety, focusing on three major areas: browser extensions, typo-prone website visits, and internet-connected cameras.The Hidden Spy on Your BrowserBrowser extensions, designed to block ads or save passwords, can also harvest personal data or hide malware. Researchers recently found popular Chromium extensions secretly recording entire conversations with AI chatbots such as ChatGPT and Gemini—logging prompts, responses, and timestamps, then transmitting them to outside servers. Many of these tools were deceptively labeled as privacy enhancers and featured in official stores, masking their data collection practices under carefully worded policies.Another danger, exemplified by the GhostPoster malware campaign on Firefox, showed how malicious code can bypass security. The attackers embedded it in an image file within the extension's icon—an area security software rarely scans. The code then downloaded additional payloads from remote servers in timed stages to avoid detection. Together, these examples illustrate that browser extensions can function as open doors for data theft and hidden malware, exploiting misplaced trust.When a Typo Becomes a TrapEven something as minor as mistyping a web address now carries serious risk. A "parked domain"—an inactive site often resembling a misspelled version of a popular URL—has become a common tool for cybercriminals. Once relatively harmless, these domains are now overwhelmingly malicious. According to Infoblox research, over 90% of visits to parked domains result in exposure to scams, illegal content, or automatic malware downloads, compared to less than 5% a decade ago.Simply visiting one of these pages can trigger pop-ups for fake antivirus subscriptions, redirect you to scam sites, or silently infect your device. In today's environment, a typo is no longer an inconvenience—it's a gateway to immediate compromise.The Camera That Turns on YouInternet-connected security cameras promise safety but can create severe privacy breaches when poorly secured. A massive hack in South Korea exposed footage from over 120,000 cameras in homes, clinics, and salons, which hackers later sold online. Most intrusions stemmed from weak or unchanged default passwords. This event underscores that devices we install for protection can become surveillance tools for attackers if we fail to secure them properly.Staying Smart and SafeThe dangers from compromised extensions, malicious parked domains, and insecure cameras highlight one shared truth: convenience often conceals risk. To navigate safely, users should: 1. Question their tools—research extensions or apps and limit unnecessary permissions. 2. Avoid careless mistakes—double-check URLs before pressing enter. 3. Secure devices—use strong, unique passwords and update firmware regularly.Ultimately, cyber safety depends on ongoing vigilance rather than one-time fixes. Like Santa in a playful ESET report who “tightened his security” after a fictional data breach, users too can—and must—strengthen their defenses. Staying alert, skeptical, and proactive transforms technology from a source of danger into a safer partner in modern life.

Après une année 2025 marquée par des fuites de données massives, la cybercriminalité change d'échelle. Benoît Grünemwald, expert cybersécurité chez ESET, analyse les menaces émergentes, l'usage croissant de l'IA par les attaquants et la capacité de réponse des défenseurs à l'aube de 2026.Interview : Benoît Grünemwald, expert cybersécurité chez ESETEn partenariat avec ESETSi l'on dresse le bilan de 2025 en matière de cybercriminalité, que faut-il retenir en priorité ?En 2025, ce sont avant tout des fuites de données à très grande échelle. Elles ont touché des entreprises, mais aussi des fédérations sportives françaises et des services parapublics comme France Travail. L'ampleur est telle qu'on peut considérer que presque tout le monde a été concerné, directement ou indirectement.Pourquoi dites-vous que les conséquences se feront surtout sentir en 2026 ?Parce qu'il faut du temps aux cybercriminels pour exploiter ces données. Certains sont spécialisés dans la récupération d'informations et la constitution de bases, parfois revendues sur le dark web. En recoupant plusieurs fuites, notamment grâce à l'intelligence artificielle, ils peuvent créer des profils très précis. Cela ouvre la voie à des campagnes de phishing ciblées, mais aussi à des risques bien réels dans le monde physique.L'intelligence artificielle a-t-elle marqué un tournant en 2025 pour les cyberattaquants ?Oui, clairement. On est passé de simples expérimentations à des logiciels malveillants capables de se réécrire eux-mêmes, partiellement ou totalement, grâce à l'IA. Certains malwares utilisent désormais des API pour dialoguer avec une IA hébergée sur un serveur contrôlé par l'attaquant, afin de décider quoi faire des données trouvées sur la machine de la victime. C'est un changement de paradigme important, même si ces menaces restent aujourd'hui bien détectées.On a aussi parlé de l'utilisation d'agents d'IA comme Claude par des groupes de pirates…Oui, c'est notamment documenté dans un rapport d'Anthropic sur l'utilisation détournée de Claude. Des agents spécialisés ont été utilisés pour automatiser quasiment toute la chaîne d'une attaque. Chaque agent se charge d'une étape, avec très peu d'interactions humaines. Cela réduit la complexité technique pour les attaquants, mais cela reste encore relativement encadré.Les défenseurs utilisent eux aussi l'IA. Avec quels résultats ?Les défenseurs utilisent l'IA depuis longtemps, notamment pour les tests de pénétration, ou pen tests. Récemment, une IA a même remporté un concours de hacking éthique, en identifiant des failles plus efficacement que des experts humains. C'est un signal fort sur la capacité de l'IA à renforcer la sécurité des systèmes avant que les cybercriminels ne les exploitent.-----------♥️ Soutien : https://mondenumerique.info/don

L'intelligence artificielle, la robotique, la cybersécurité et la désinformation ont marqué 2025. Dans ce dernier Hebdo de l'année, on dresse le bilan d'un millésime technologique hors norme et se projette déjà vers 2026.

(Presented by Material Security (https://material.security): We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 73: The buddies react to Google's release of Gemini 3 and its early performance, new Chrome interface changes landing on users' machines, and major highlights from CYBERWARCON. We revisit the long-running debate over APT naming conventions, examine Amazon's latest threat-intel reporting on Iranian activity, and walk through the Cloudflare outage that briefly knocked chunks of the internet offline. Plus, new APT reports from ESET, Positive Technologies, and SecurityScorecard, and China's CN-CERT (now validated claim) that the U.S. government seized billions in Bitcoin tied to the Lubian mining-pool hack. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

ConnectWise has announced enhancements to its Ozzio platform, which now includes expanded third-party patching for over 7,000 applications, improvements to the professional services automation (PSA) user experience, and advanced robotic process automation (RPA) capabilities. These updates aim to address security vulnerabilities in widely exploited applications and streamline operations for managed service providers (MSPs). The new features are set to improve operational efficiency and security, with the expanded patching available immediately and RPA features expected to roll out in the coming months.In conjunction with these updates, ESET has integrated its ESET Protect platform with ConnectWise Ozzio, allowing for one-click deployment of security management tools. This integration is designed to enhance the efficiency of security tasks for MSPs, enabling them to meet legal and insurance requirements more effectively. Additionally, ConnectSecure has introduced AI-powered vulnerability management reports that prioritize risks based on business impact rather than just technical severity, further supporting MSPs in delivering proactive risk assessments.OpenAI has surpassed 1 million business customers, marking it as the fastest-growing business platform in history. A Wharton study indicates that 75% of enterprises using AI technologies report a positive return on investment. Meanwhile, Google has launched Gemini AI tools for stock traders and improved hurricane prediction capabilities through its DeepMind technology, showcasing the growing integration of AI across various sectors, including finance and weather forecasting.For MSPs and IT service leaders, these developments underscore the importance of integrating advanced security and AI capabilities into their service offerings. As the landscape shifts towards cyber resilience and AI-driven solutions, providers must adapt by leveraging these tools to enhance their operational efficiency and client services. The focus on measurable outcomes, such as trust and risk management, will be crucial for maintaining competitive advantage in an increasingly automated environment.  Four things to know today00:00 At IT Nation Connect, ConnectWise Focuses on Asio Enhancements While Ecosystem Partners Deliver the Bigger Innovation05:37 N-able Rebrands Its Future: Strong Earnings and AI-Fueled Pivot Toward Cyber Resilience08:31 From ChatGPT to Hurricanes: How AI's Expansion Is Turning Tools Into Core Business Systems11:14 Trust, Transparency, and Transformation: How AI Acceleration Is Forcing Leaders to Rethink Human Metrics This is the Business of Tech.    Supported by:  https://mailprotector.com/mspradio/