ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. … More A dive into Turla PowerShell usage
As San Francisco moves to regulate the use of facial recognition systems, we reflect on some of the many ‘faces’ of the fast-growing technology. Last week, San Francisco became the first city in the United States to ban the use of facial recognition technology, at least by law enforcement, local agencies, and the city’s transport … More What the ban on facial recognition tech will – and will not – do
Attack attempts involving the USA’s National Security Agency’s exploit are in hundreds of thousands daily. It has been two years since EternalBlue opened the door to one of the nastiest ransomware outbreaks in history, known as WannaCryptor (or WannaCry). Since the now-infamous malware incident, attempts to use the exploit have only been growing in prevalence. Currently … More NSA’s EternalBlue exploit reaching new heights since WannaCryptor outbreak
The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon … More Turla: In and out of its unique Outlook backdoor
ESET researchers have analysed remote access tools cybercriminals have been using in an ongoing campaign to systematically exfiltrate data from Ukrainian systems. In this blogpost, we will sum up the findings published in full in our white paper “Quasar, Sobaken and Vermin: A deeper look into an ongoing espionage campaign”. The attackers behind the campaign … More A deep dive down the Vermin RAThole
ESET Ireland 