The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and has made a comeback in 2014, was also active in the year 2015.
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that’s evolved into a sophisticated threat with a modular architecture.
The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.
Robert Lipovsky, a senior malware researcher at ESET, offers his expert insight into the recent discovery of BlackEnergy malware in Ukrainian energy distribution companies.
In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.
Highlights from the last seven days in information security include the return of the BlackEnergy trojan and security insights from CES 2016.
Highlights from the past seven days in information security include an analysis of the BlackEnergy trojan and Microsoft’s decision to end support for older versions of Internet Explorer.
This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’ dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.
ESET has discovered a new wave of cyberattacks attacks against Ukraine’s electric power industry. Interesting, the malware that was used is not BlackEnergy.
After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one
IT security staff have spent the last few weeks fighting hackers in the White House, after a computer network was breached. But can we tell who was behind the attack?
After BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.
Just as audiences have suffered from bad movie craftsmanship, IT users have had to endure the consequences of the malicious work done by malware authors. Welcome to Razzies for malware.
Reid Wightman, a security researcher, has discovered that internet-connected operational technology can ‘easily’ be attacked and damaged.
ESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.
Highlights from the last seven days in information security include ESET’s latest trends report (In)security Everywhere and the ongoing cyberattacks against Ukraine’s electric power industry.
ESET’s Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in Ukraine’s financial sector.
ESET’s threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.
Welcome to this week’s security review, which includes ESET releasing a new decryptor for TeslaCrypt ransomware, new revelations about a 2012 LinkedIn data breach and expert insight into Operation Groundbait.