search result

BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry

The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and made a comeback in 2014, was also active in 2015.

Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland

State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that’s evolved into a sophisticated threat with a modular architecture.

BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry

The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.

BlackEnergy and the Ukrainian power outage: What we really know

Robert Lipovsky, a senior malware researcher at ESET, offers his expert insight into the recent discovery of BlackEnergy malware in Ukrainian energy distribution companies.

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.

The security review: BlackEnergy, CES 2016 and Windows 10

Highlights from the last seven days in information security include the return of the BlackEnergy trojan and security insights from CES 2016.

The security review: BlackEnergy, Internet Explorer and Fitbit

Highlights from the past seven days in information security include an analysis of the BlackEnergy trojan and Microsoft’s decision to end support for older versions of Internet Explorer.

Week in security: Bash Bug, BlackEnergy and hoax attacks

This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’, dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.

New wave of cyberattacks against Ukrainian power industry

ESET has discovered a new wave of cyberattacks against Ukraine’s electric power industry. Interestingly, the malware that was used is not BlackEnergy.

Korplug military targeted attacks: Afghanistan & Tajikistan

After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one.

White House hit by “sustained” cyber attack, hackers breach unclassified network

IT security staff have spent the last few weeks fighting hackers in the White House, after a computer network was breached. But can we tell who was behind the attack?

Operation Groundbait: Espionage in Ukrainian war zones

After BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.

Razzies for malware: These were the worst performances of the year

Just as audiences have suffered from bad movie craftsmanship, IT users have had to endure the consequences of the malicious work done by malware authors. Welcome to Razzies for malware.

Operational technology ‘susceptible to remote attacks’

Reid Wightman, a security researcher, has discovered that internet-connected operational technology can ‘easily’ be attacked and damaged.

KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

ESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.

The security review: ESET’s trends for 2016, more attacks in Ukraine and virtualized security

Highlights from the last seven days in information security include ESET’s latest trends report (In)security Everywhere and the ongoing cyberattacks against Ukraine’s electric power industry.

The rise of TeleBots: Analyzing disruptive KillDisk attacks

ESET’s Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in Ukraine’s financial sector.

Lifting the lid on Sednit: A closer look at the software it uses

ESET’s threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.

The security review: ESET release decryptor for TeslaCrypt ransomware

Welcome to this week’s security review, which includes ESET releasing a new decryptor for TeslaCrypt ransomware, new revelations about a 2012 LinkedIn data breach and expert insight into Operation Groundbait.

ESET Presentations at Virus Bulletin 2015

Some of the good things in store for those attending Virus Bulletin 2015.

Copyright © 2017 ESET, All Rights Reserved.