Five ways to strengthen employee cybersecurity awareness

How can organizations foster a workplace environment that enables employees to acquire the skills needed to keep cyber-threats at bay? Since human error has a well-documented history of causing many breaches, no organization can afford to overlook the importance of ensuring that its employees are aware of online dangers. This is mainly why the first instalment in our … More Five ways to strengthen employee cybersecurity awareness

Tracking down the developer of Android adware affecting millions of users

ESET researchers discovered a year-long adware campaign on Google Play and tracked down its operator. The apps involved, installed eight million times, use several tricks for stealth and persistence. We detected a large adware campaign running for about a year, with the involved apps installed eight million times from Google Play alone. We identified 42 … More Tracking down the developer of Android adware affecting millions of users

Smart cities must be cyber‑smart cities

As cities turn to IoT to address long-standing urban problems, what are the risks of leaving cybersecurity behind at the planning phase? You’ve probably heard the term “smart cities” – that is, the idea that extensive use of Information and Communications Technology (ICT) to monitor energy, utilities and transportation infrastructure can lead to cost savings, … More Smart cities must be cyber‑smart cities

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. Today, ESET Research releases a white paper updating our understanding of the Winnti Group. Last March, ESET researchers warned about a new supply-chain attack targeting video game developers in Asia. Following that publication, we continued … More Connecting the dots: Exposing the arsenal and methods of the Winnti Group

How can critical infrastructure be targeted by malware?

Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids … More How can critical infrastructure be targeted by malware?

Needles in a haystack: Picking unwanted UEFI components out of millions of samples

ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the … More Needles in a haystack: Picking unwanted UEFI components out of millions of samples

Casbaneiro: Dangerous cooking with a secret ingredient

Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in … More Casbaneiro: Dangerous cooking with a secret ingredient