ESET releases latest Q2 2024–Q3 2024 APT report: APT groups expand targeting and diplomatic espionage

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024. ESET APT Activity Report Q2 2024–Q3 2024 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented by ESET researchers from April 2024 until the end of September 2024. The highlighted …

ESET Research: GoldenJackal APT group, with air-gap-capable tools, targets systems in Europe to steal confidential data

ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. ESET attributes the campaign to GoldenJackal, a cyberespionage APT group that targets government and diplomatic entities. …

The complexities of attack attribution

Attributing a cyberattack to a specific threat actor is a complex affair, as evidenced by new ESET research published recently. Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new APT group that they named CeranaKeeper and that …

ESET Research discovers new government-attacking APT group

ESET researchers have discovered several targeted campaigns against governmental institutions in Thailand, starting in 2023, where massive amounts of data have been exfiltrated. The campaigns misused legitimate file-sharing services such as Dropbox, PixelDrain, GitHub, and OneDrive in the process. Based on the findings, ESET researchers decided to track this activity cluster as the work of …

ESET Research: Spy group exploits WPS Office zero day; analysis uncovers a second vulnerability

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). The vulnerability was being exploited by APT-C-60, allegedly a South Korea-aligned cyberespionage group, to target East Asian countries. When examining the root cause, ESET discovered another way to exploit the faulty code (CVE-2024-7263). Following a coordinated disclosure process, both vulnerabilities are …