What the ban on facial recognition tech will – and will not – do

As San Francisco moves to regulate the use of facial recognition systems, we reflect on some of the many ‘faces’ of the fast-growing technology. Last week, San Francisco became the first city in the United States to ban the use of facial recognition technology, at least by law enforcement, local agencies, and the city’s transport … More What the ban on facial recognition tech will – and will not – do

NSA’s EternalBlue exploit reaching new heights since WannaCryptor outbreak

Attack attempts involving the USA’s National Security Agency’s exploit are in hundreds of thousands daily. It has been two years since EternalBlue opened the door to one of the nastiest ransomware outbreaks in history, known as WannaCryptor (or WannaCry). Since the now-infamous malware incident, attempts to use the exploit have only been growing in prevalence. Currently … More NSA’s EternalBlue exploit reaching new heights since WannaCryptor outbreak

Turla: In and out of its unique Outlook backdoor

The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon … More Turla: In and out of its unique Outlook backdoor

A deep dive down the Vermin RAThole

ESET researchers have analysed remote access tools cybercriminals have been using in an ongoing campaign to systematically exfiltrate data from Ukrainian systems. In this blogpost, we will sum up the findings published in full in our white paper “Quasar, Sobaken and Vermin: A deeper look into an ongoing espionage campaign”. The attackers behind the campaign … More A deep dive down the Vermin RAThole

Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid … More Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

New FinFisher surveillance campaigns: Are internet providers involved?

New surveillance campaigns utilising FinFisher, infamous spyware known also as FinSpy and sold to governments and their agencies worldwide, are in the wild. Besides featuring technical improvements, some of these variants have been using a cunning, previously-unseen infection vector with strong indicators of major internet service provider (ISP) involvement. FinFisher has extensive spying capabilities, such as … More New FinFisher surveillance campaigns: Are internet providers involved?

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

Security researchers at ESET have released new research today into the activities of the notorious Turla cyberespionage group, and specifically a previously undocumented backdoor that has been used to spy on consulates and embassies worldwide. ESET’s research team are the first in the world to document the advanced backdoor malware, which they have named “Gazer”, despite evidence that … More New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies