More signs that MSPs must master cybersecurity

Is it worth evolving to become a Managed Security and Service Provider (MSSP)?  The business case seems clear for MSP cybersecurity mastery, but how do you tell when an idea’s time has come? Well, if the volume of stories about Managed Service Providers (MSPs) facing increasingly advanced security threats is any indication, then the time … More More signs that MSPs must master cybersecurity

ICAO victim of a major cyberattack in 2016

The organization was the victim of a water-hole attack, likely attributable to the APT LuckyMouse group. The International Civil Aviation Organization (ICAO) was a victim of a large-scale cyberattack back in 2016. Indeed, in November of that year, a cyber-intelligence analyst at Lockheed Martin contacted the international organization after finding that cybercriminals took control of … More ICAO victim of a major cyberattack in 2016

2018: Research highlights from ESET’s leading lights

As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights

GreyEnergy: Updated arsenal of one of the most dangerous threat actors

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time … More GreyEnergy: Updated arsenal of one of the most dangerous threat actors

LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyberattacks, as they are hard to detect and able to survive security … More LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

Turla: In and out of its unique Outlook backdoor

The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon … More Turla: In and out of its unique Outlook backdoor

OceanLotus ships new backdoor using old tricks

ESET researchers have dissected some of the latest additions to the malicious toolkit of the Advanced Persistent Threat (APT) group known as OceanLotus, also dubbed APT32 and APT-C-00. A prolific purveyor of malware, OceanLotus has its sights set on high-profile corporate and government targets in Southeast Asia, particularly in Vietnam, the Philippines, Laos, and Cambodia. … More OceanLotus ships new backdoor using old tricks