Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.
LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack
ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox
ESET researchers uncover a novel Lazarus supply-chain attack leveraging WIZVERA VeraPort software
Backdoor authors show deep knowledge of the targeted POS software, decrypting database passwords from Windows registry values
Throughout its monitoring, ESET analyzed thousands of malicious samples every month to help this effort
ESET researchers uncover a new APT group that has been stealing sensitive documents from several governments in Eastern Europe and the Balkans since 2011
ESET researchers discover surprisingly many indicators of close cooperation among Latin American banking trojans’ authors
ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East
ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches
ESET researchers analyze a previously undocumented trojan that is spread via malicious torrents and uses multiple tricks to squeeze cryptocoins from its victims while staying under the radar
Beware the tax bogeyman – there are tax scams aplenty
Another in our occasional series demystifying Latin American banking trojans
We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware
ESET researchers lure GMERA malware operators to remotely control their Mac honeypots
ESET research uncovers a malicious operation that both spies on victims and leaks their data
ESET research gives a detailed picture of the operations of the Evilnum group and its toolkit deployed in attacks against carefully chosen targets in the fintech sector
Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too
ESET researchers dissect an Android app that masquerades as an official COVID-19 contact-tracing app and encrypts files on the victim's device
ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group