ESET Research
Latest Articles
Twitter ends free SMS 2FA: Here’s how you can protect your account now
Twitter’s ditching of free text-message authentication doesn’t mean that you should forgo using 2FA. Instead, switch to another – and, indeed, better – 2FA option.
Banking turmoil opens opportunities for fraud – Week in security with Tony Anscombe
Scammers are looking to cash in on the chaos that has set in following the startling meltdowns of Silicon Valley Bank and Signature Bank and the crisis at Credit Suisse
SVB’s collapse is a scammer’s dream: Don’t get caught out
How cybercriminals can exploit Silicon Valley Bank's downfall for their own ends – and at your expense
Not‑so‑private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets
ESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR to steal cryptocurrency funds
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia
ESET Research uncovered a campaign by APT group Tick against a data-loss prevention company in East Asia and found a previously unreported tool used by the group
5 signs you’ve fallen for a scam – and what to do next
Here’s how to know you have fallen victim to a scam – and what to do in order to undo or mitigate the damage.
APT hackers set a honeytrap to ensnare victims – Week in security with Tony Anscombe
A request to move an online conversation to a supposedly more secure platform may not be as well-meaning as it sounds
Common WhatsApp scams and how to avoid them
Here's a roundup of some of the most common tricks that fraudsters use to dupe their victims on WhatsApp – and what you can do to protect yourself against them.
‘A woman from Mars’: Life in the pursuit of space exploration
An astrobiologist, analog astronaut, author and speaker, Dr. Michaela Musilova shares her experience as a woman at the forefront of space exploration and from her quest for scientific and personal excellence
Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials
ESET researchers analyze a cyberespionage campaign that distributes CapraRAT backdoors through trojanized and supposedly secure Android messaging apps – but also exfiltrates sensitive information
What does $5,000 buy you on a hacking forum? – Week in security with Tony Anscombe
A bootkit that ESET researchers have discovered in the wild is the BlackLotus UEFI bootkit that is being peddled on hacking forums
MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT
ESET researchers tease apart MQsTTang, a new backdoor used by Mustang Panda, which communicates via the MQTT protocol
BlackLotus UEFI bootkit: Myth confirmed
The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality
ESET Research Podcast: Ransomware trashed data, Android threats soared in T3 2022
And that’s just the tip of the iceberg when it comes to the trends that defined the cyberthreat landscape in the final four months of 2022.
One year on, how is the war playing out in cyberspace? – Week in security with Tony Anscombe
With the conflict in Ukraine passing the one-year mark, have its cyber-war elements turned out as expected?
A year of wiper attacks in Ukraine
ESET Research has compiled a timeline of cyberattacks that used wiper malware and have occurred since Russia’s invasion of Ukraine in 2022
WinorDLL64: A backdoor from the vast Lazarus arsenal?
The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group
Writing like a boss with ChatGPT and how to get better at spotting phishing scams
It’s never been easier to write a convincing message that can trick you into handing over your money or personal data
ESET SMB Digital Security Sentiment Report: The damaging effects of a breach
SMBs need to not only reduce their odds of being hit by an attack, but also implement processes that they can follow if their defenses are breached
Will ChatGPT start writing killer malware?
AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware?