Microsoft fixes vulnerability affecting all Windows versions since 1996
Another vulnerability in the same Windows component was abused by Stuxnet a decade ago
Latest Articles
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
ESET researchers dissect a backdoor deployed in attacks against multiple government agencies and major organizations operating in two critical infrastructure sectors in Asia
Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
ESET researchers uncover several instances of malware that uses various attack vectors to target systems isolated by an air gap
Thunderbolt flaws open millions of PCs to physical hacking
A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes
WannaCryptor remains a global threat three years on
WannaCryptor is still alive and kicking, so much so that it sits atop the list of the most commonly detected ransomware families
Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet
Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets
Over 160 million user records put up for sale on the dark web
Eleven companies, ranging from online marketplaces to news websites, have had their user databases poached
Breaking news? App promises news feeds, brings DDoS attacks instead
After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it
Week in security with Tony Anscombe
COVID-19 and digital transformation – How personal data ends up in spam feeds – Common password mistakes and what to do instead
Scams to watch out for not just this Mother’s Day
As you rush to buy something for your mom, con artists will be trying to make a dent in your wallet. Here are some common types of fraud to look out for not only this Mother's Day.
Digital transformation could be accelerated by COVID‑19
The pandemic has highlighted the need for businesses to act with alacrity and prepare for the long haul – and to do so with cybersecurity in mind
5 common password mistakes you should avoid
Password recycling or using easy-to-guess passwords are just two common mistakes you may be making when protecting your digital accounts
Almost a million WordPress websites targeted in massive campaign
An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years
Professional data leakage: How did that security vendor get my personal data?
…and why are they selling it to other security vendors and product testers?
Ghost blogging platform servers hacked to mine cryptocurrency
Ghost wasn’t the only victim of break-ins over the weekend that exploited critical holes in infrastructure automation software for which patches were available
Week in security with Tony Anscombe
ESET's new Threat Report is out – Another deep dive into Latin American banking trojans – More coronavirus-themed scams
It’s no time to let your guard down as coronavirus fraud remains a threat
Scammers rehash old campaigns, create credit card-stealing websites and repurpose information channels to milk the COVID-19 crisis for all it's worth
Sextortion scammers still shilling with stolen passwords
The email includes the potential victim’s password as evidence of a hack, but there is more than meets the eye
ESET Threat Report Q1 2020
A view of the Q1 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Grandoreiro: How engorged can an EXE get?
Another in our occasional series demystifying Latin American banking trojans