Needles in a haystack: Picking unwanted UEFI components out of millions of samples
ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples
Search results for: "UEFI"
White Papers
A machine‑learning method to explore the UEFI landscape
Building on their earlier work on UEFI threats, ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. Besides showing strong capabilities in identifying suspicious UEFI executables, this system offers real-time monitoring of the UEFI landscape and was found to
White Papers
LOJAX: First UEFI rootkit found in the wild, courtesy of the Sednit group
ESET researchers have discovered the first in-the-wild UEFI rootkit. Dubbed LoJax, the research team has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. The Sednit group is a resourceful APT group targeting people and
LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe
Fighting persistent malware with a UEFI scanner, or ‘What’s it all about UEFI?”
The biggest news in malware so far this year has been WannaCryptor a.k.a. WannaCry, and one reason that particular ransomware spread so fast was because it used a “top secret” exploit developed by the NSA, an agency known to have dabbled in UEFI compromise.
UEFI malware: How to exploit a false sense of security
When thinking about security we generally take risk into account. It is well known that risk is a composition of likelihood and potential impact.
Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
Week in security with Tony Anscombe
This week, ESET researchers published an analysis of a previously unknown cyber-espionage platform and described a system enabling them to explore the UEFI landscape in an efficient way
A journey to Zebrocy land
ESET sheds light on commands used by the favorite backdoor of the Sednit group
ML‑era in cybersecurity: A step toward a safer world or the brink of chaos?
As the use of this technology grows so does the risk that attackers may hijack it
2018: Research highlights from ESET’s leading lights
As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018
Sednit: What’s going on with Zebrocy?
In August 2018, Sednit’s operators deployed two new Zebrocy components, and since then we have seen an uptick in Zebrocy deployments, with targets in Central Asia, as well as countries in Central and Eastern Europe, notably embassies, ministries of foreign affairs, and diplomats
Virus Bulletin 2018: Attack velocity ramps up
Some tips from the floor of VB 2018 for helping to keep your data more secure
Week in security with Tony Anscombe
ESET researchers discover LoJax - Week in security with Tony Anscombe
Bootkits, Windigo, and Virus Bulletin
ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.
Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.
A buffet of 2014 security and privacy predictions
Have you been wondering what trends in security and privacy ESET researchers are predicting for 2014? The following is a sampling, a year-end snack plate if you will, featuring predictions from Aryeh Goretsky, Righard Zwienenberg, David Harley, Cameron Camp, Lysa Myers, and more.
Six months with Windows 8 (white paper)
ESET security researchers release white paper looking at the first six months of Windows 8. Just how secure is Microsoft's new operating system?
A white paper: Windows 8’s Security Features
[NOTE: For the latest information about compatibility between ESET’s software and Windows 8, please see the following blog post: W8ing for V6: What ESET has in store for Windows 8 Users. (10/23/2012, 4:15PM)] Windows 8 will be available to the public in three weeks, and interest in the latest version of Microsoft’s flagship operating system
Windows 8: Significant Changes and Security Issues
Aryeh Goretsky discusses the transition from BIOS firmware to UEFI for implementing Secure Boot under Windows 8.