ESET APT Activity Report T2 2022

An overview of the activities of selected APT groups investigated and analysed by ESET Research in T2 2022 Today ESET Research publishes the very first ESET APT Activity Report, which summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from May until the end of August … More ESET APT Activity Report T2 2022

ESET Research discovers Mustang Panda’s Hodur cyberespionage malware: Old tricks, new Korplug variant

Mustang Panda, the cyberespionage group behind this threat, is targeting mainly governmental entities and NGOs in East and Southeast Asia, and some in Europe and Africa. · This cyberespionage campaign dates back to at least August 2021 and is still ongoing as of March 2022. · Mustang Panda, the APT group behind this campaign, is … More ESET Research discovers Mustang Panda’s Hodur cyberespionage malware: Old tricks, new Korplug variant

Endpoint detection and response: The path to security maturity starts with visibility

Looking to set off on the right foot with endpoint detection and response? Prioritize visibility into your systems. For organizations considering adoption of an endpoint detection and response (EDR) solution, MITRE Engenuity’s most recent ATT&CK® Evaluation provides a singular glimpse into how a prospective EDR tool stands in the face of sophisticated threats. The work of … More Endpoint detection and response: The path to security maturity starts with visibility

Know your enemy: MITRE Engenuity’s ATT&CK® Evaluations show the need for balanced approach to EDR use

In spite of MITRE Engenuity’s clear guidance regarding the ATT&CK® Evaluation methodology and interpretation of the results – specifically, the part that says the “evaluations are not a competitive analysis” and that “there are no scores or winners” – a handful of participating vendors have already released boastful marketing materials claiming that they beat their competition. While the motivations … More Know your enemy: MITRE Engenuity’s ATT&CK® Evaluations show the need for balanced approach to EDR use

Authorities remove web shells from compromised Exchange servers

Law enforcement steps in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities. The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange … More Authorities remove web shells from compromised Exchange servers