Anton Cherepanov

ESET research discovers a zero-day exploit that takes advantage of a local privilege escalation vulnerability in Windows

ESET researchers have discovered that the attackers have been distributing the Plead malware via compromised routers and man-in-the-middle attacks against the legitimate ASUS WebStorage software

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks

ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan

Double zero-day vulnerabilities fused into one. A mysterious sample enables attackers to execute arbitrary code with the highest privileges on intended targets

The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.

This article reveals details about the initial infection vector that was used during the DiskCoder.C outbreak.

This blogpost reveals many details about the Diskcoder.C (aka ExPetr or NotPetya) outbreak and related information about previously unpublished attacks.