Patch now! Why the BlueKeep vulnerability is a big deal
What you need to know about the critical security hole that could enable the next WannaCryptor
Research
Expert content, for researchers by researchersResearch
A journey to Zebrocy land
ESET sheds light on commands used by the favorite backdoor of the Sednit group
EternalBlue reaching new heights since WannaCryptor outbreak
Attack attempts involving the exploit are in hundreds of thousands daily
Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage
ESET researchers have discovered that the attackers have been distributing the Plead malware via compromised routers and man-in-the-middle attacks against the legitimate ASUS WebStorage software
Turla LightNeuron: An email too far
ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments
D‑Link camera vulnerability allows attackers to tap into the video stream
ESET researchers highlight a series of security holes in a device intended to make homes and offices more secure
Buhtrap backdoor and Buran ransomware distributed via major advertising platform
Criminal activities against accountants on the rise – Buhtrap and RTM still active
OceanLotus: macOS malware update
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users
Fake or Fake: Keeping up with OceanLotus decoys
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar
Gaming industry still in the scope of attackers in Asia
Asian game developers again targeted in supply-chain attacks distributing malware in legitimately signed software
ML‑era in cybersecurity: A step toward a safer world or the brink of chaos?
As the use of this technology grows so does the risk that attackers may hijack it
First clipper malware discovered on Google Play
Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores
DanaBot updated with new C&C communication
ESET researchers have discovered new versions of the DanaBot Trojan, updated with a more complicated protocol for C&C communication and slight modifications to architecture and campaign IDs
“Love you” malspam gets a makeover for massive Japan‑targeted campaign
ESET researchers have detected a substantial new wave of the “Love you” malspam campaign, updated to target Japan and spread GandCrab 5.1
Russia hit by new wave of ransomware spam
Among the increased number of malicious JavaScript email attachments observed in January 2019, ESET researchers have spotted a large wave of ransomware-spreading spam targeting Russian users
Android Trojan steals money from PayPal accounts even with 2FA on
ESET researchers discovered a new Android Trojan using a novel Accessibility-abusing technique that targets the official PayPal app, and is capable of bypassing PayPal’s two-factor authentication
DanaBot evolves beyond banking Trojan with new spam‑sending capability
ESET research shows that DanaBot operators have been expanding the malware’s scope and possibly cooperating with another criminal group
The Dark Side of the ForSSHe
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats
3ve – Major online ad fraud operation disrupted
International law enforcement swoops on fake ad viewing outfit
Sednit: What’s going on with Zebrocy?
In August 2018, Sednit’s operators deployed two new Zebrocy components, and since then we have seen an uptick in Zebrocy deployments, with targets in Central Asia, as well as countries in Central and Eastern Europe, notably embassies, ministries of foreign affairs, and diplomats