White Papers

86 reports
Diplomats in Eastern Europe bitten by a Turla mosquitoDownload

Diplomats in Eastern Europe bitten by a Turla mosquito

Diplomats in Eastern Europe bitten by a Turla mosquito

Turla is one of the longest-known state-sponsored cyberespionage groups, with well-known victims such as the US Department of Defense in 2008. The group owns a large toolset that is generally divided into several categories: the most advanced malware is only deployed on machines that are the most interesting to the attackers. Their espionage platform is mainly used against Windows machines, but also against macOS and Linux machines with various backdoors and a rootkit.

ESET’s Guide to deobfuscating and devirtualizing FinFisherDownload

ESET’s Guide to deobfuscating and devirtualizing FinFisher

ESET’s Guide to deobfuscating and devirtualizing FinFisher

Thanks to its strong anti-analysis measures, the FinFisher spyware has gone largely unexplored. Despite being a prominent surveillance tool, only partial analyses have been published on its more recent samples. Things were put in motion in the summer of 2017 with ESET’s analysis of FinFisher surveillance campaigns that ESET had discovered in several countries.

Gazing at Gazer: Turla’s new second stage backdoorDownload

Gazing at Gazer: Turla’s new second stage backdoor

Gazing at Gazer: Turla’s new second stage backdoor

Turla is a notorious group that has been targeting governments, government officials and diplomats for years. Although this backdoor has been actively deployed since at least 2016, it has not been documented anywhere. Based on strings found in the samples we analyzed, we have named this backdoor “Gazer”.

Is Machine Learning Cybersecurity's silver bullet?Download

Is Machine Learning Cybersecurity's silver bullet?

Is Machine Learning Cybersecurity's silver bullet?

The world is changing in front of our eyes. Where facts, truth and honesty were once our most valuable assets, nowadays, alternative-facts, post-truths and outright lies reign. Unfortunately, the cybersecurity industry is no exception to this trend.

Stantinko: Teddy Bear Surfing Out of SightDownload

Stantinko: Teddy Bear Surfing Out of Sight

Stantinko: Teddy Bear Surfing Out of Sight

To get a global view of the Stantinko ecosystem, you need a lot of the pieces of the puzzle. The more we dug and tracked Stantinko, the more we could collect those pieces and put them together.

Win32/Industroyer: A new threat for industrial control systemsDownload

Win32/Industroyer: A new threat for industrial control systems

Win32/Industroyer: A new threat for industrial control systems

Win32/Industroyer is a sophisticated piece of malware designed to disrupt the working processes of industrial control systems (ICS).

Read The ManualDownload

Read The Manual

Read The Manual

In this paper, ESET's Matthieu Faou and Jean-Ian Boutin look at Read The Manual (RTM), a new group that has emerged on the international cybercrime scene. They cover the details of their tools, whom they target, and offer a rare glimpse into the type of operation they are carrying out.

Trends in Android ransomwareDownload

Trends in Android ransomware

Trends in Android ransomware

Among other things, this paper delivers a definition of ransomware is provided; ESET’s detection telemetry is used to see the current trends for this cyberthreat; and detail on the most noteworthy Android ransomware examples since 2014 is provided.

IS GDPR good or bad news for business?Download

IS GDPR good or bad news for business?

IS GDPR good or bad news for business?

Based on “A concise guide to the key provisions of the General Data Protection Regulation (GDPR)” by Kemp Jones Solicitors LLP.