ESET researchers have discovered and analyzed advanced malware, previously undocumented, that has been used in targeted attacks against critical infrastructure organizations in Central and Eastern Europe. The malware, named GreyEnergy by ESET researchers, exhibits many conceptual similarities with BlackEnergy, the malware used in attacks against the Ukrainian energy industry in December 2015.
Search results for: "BlackEnergy"
Highlights from the past seven days in information security include an analysis of the BlackEnergy trojan and Microsoft’s decision to end support for older versions of Internet Explorer.
Robert Lipovsky, a senior malware researcher at ESET, offers his expert insight into the recent discovery of BlackEnergy malware in Ukrainian energy distribution companies.
Highlights from the last seven days in information security include the return of the BlackEnergy trojan and security insights from CES 2016.
The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.
The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and made a comeback in 2014, was also active in 2015.
In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.
This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’, dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, malware that has evolved into a sophisticated threat with a modular architecture.
GreyEnergy: ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks
ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven
Healthcare sectors, critical manufacturing, food production and transportation also said to be targets for cybercriminals
ESET's Global Security Evangelist Tony Anscombe expands on his theory
The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.
Tracing the evolution and subsequent revolution of ransomware
The vulnerability of critical infrastructure, including energy grids, to cyberattacks has been a growing concern worldwide. Many nations have been scrambling to improve their defenses vis-à-vis threats faced by services that are critical to the continuity of our daily lives.
The latest survey marks a shift from optimism regarding technological risks in the previous years. The heightened levels of worry come on the back of an escalation in cybersecurity threats, which, as noted by the WEF, are growing in prevalence and in disruptive potential alike.
Courtesy of its highly customizable nature – along with its ability to persist in the system and to provide valuable information for fine-tuning the highly configurable payloads – the malware can be adapted for attacks against any environment, making it extremely dangerous.
We are halfway through the year and it is a good opportunity to analyze the extent to which the ideas we gathered in the Trends 2017: Security Held Ransom report have come true.