Threat Reports

16 reports

ESET Threat Report H2 2023

ESET Threat Report H2 2023

This issue of ESET's Threat Report provides an overview of the top threats and trends as observed by our experts from June to November 2023. Among other things, it highlights a number of notable developments on the threat landscape, including campaigns that target users of tools like ChatGPT, a significant increase in Android spyware cases, and new strategies on the ransomware scene.


ESET APT Activity Report Q2 2023 - Q3 2023

ESET APT Activity Report Q2 2023 - Q3 2023

This issue of the report summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from April 2023 until the end of September 2023. In the monitored timespan, we observed a notable strategy of APT groups utilizing the exploitation of known vulnerabilities, including in WinRAR, Microsoft Exchange servers and IIS servers, to exfiltrate data from governmental entities or related organizations.


ESET Threat Report H1 2023

ESET Threat Report H1 2023

The H1 2023 issue of ESET Threat Report reviews the key trends and developments that shaped the threat landscape between December 2022 and May 2023. Among other findings, it shows that cybercriminals have remarkable adaptability and relentlessly pursue new avenues to achieve their nefarious goals – be it through exploiting vulnerabilities, gaining unauthorized access, compromising sensitive information, or defrauding individuals. Importantly, this issue also includes design improvements and features a new approach to data presentation.


ESET APT Activity Report Q4 2022­–Q1 2023

ESET APT Activity Report Q4 2022­–Q1 2023

What were some of the world's most notorious APT groups up to from October 2022 to March 2023? As this report shows, several China-aligned threat actors such as Ke3chang and Mustang Panda focused on European organizations, targeting them with new malicious wares. Meanwhile, Iran-aligned group OilRig deployed a new custom backdoor in Israel. North Korea-aligned groups continued to focus on South Korean and South Korea-related entities. Russia-aligned APT groups were especially active in Ukraine and EU countries, with Sandworm deploying wipers.


ESET Threat Report T3 2022

ESET Threat Report T3 2022

This issue of ESET's Threat Report reviews the key developments that defined the threat landscape in the final four months of 2022. Russia's war on Ukraine continued to impact everything from global economy to cyberspace, where the ransomware scene in particular went through major shifts, all while RDP attacks took a nosedive. This, of course, barely scratches the surface of what the report reveals. Additionally, the report highlights some of the key findings by ESET researchers in late 2022.


ESET APT Activity Report T3 2022

ESET APT Activity Report T3 2022

This issue of the ESET APT Activity Report reviews the activities of selected APT groups as observed, investigated, and analyzed by ESET researchers from September to December 2022. Russia-aligned APT groups continued to be particularly involved in operations targeting Ukraine, deploying destructive wipers and ransomware. For example, we detected the infamous Sandworm group using a previously unknown wiper against an energy sector company in Ukraine.


ESET APT Activity Report T2 2022

ESET APT Activity Report T2 2022

The first instalment of the ESET APT Activity Report – which looks at advanced persistent threat (APT) activity in May to August 2022 and accompanies the ESET Threat Report covering the same period – features insights of ESET Research into the activity of Russia-, China-, Iran-, and North Korea-aligned threat actors. Among many other things, the report shows that even more than eight months after the Russian invasion, Ukraine continues to be a prime target of Russia-aligned APT groups.


ESET Threat Report T2 2022

ESET Threat Report T2 2022

In the T2 2022 Threat Report, the ESET research team reviews the main trends and developments shaping the threat landscape from May to August 2022. The report sheds light on the changes in ideologically motivated ransomware, Emotet activity, the most-used phishing lures, the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, as well as on how the plummeting cryptocurrency exchange rates affected online threats. The report also reviews the most important findings and achievements by ESET researchers in recent months.


ESET Threat Report T 1 2022

ESET Threat Report T 1 2022

The T1 2022 issue of the ESET Threat Report provides an in-depth exploration of the key developments, trends and threats that shaped the cybersecurity landscape in the first four months of 2022. What kinds of implications did Russia's invasion of Ukraine have for attackers' tactics and techniques? What are some of the most impactful attacks that were connected to the war and were discovered (and thwarted) by ESET research? Speaking of which, the report also summarizes the various recent findings from ESET research labs and features highlights from ESET investigations into operations by various APT groups.