New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. Today, ESET Research releases a white paper updating our understanding of the Winnti Group. Last March, ESET researchers warned about a new supply-chain attack targeting video game developers in Asia. Following that publication, we continued … More Connecting the dots: Exposing the arsenal and methods of the Winnti Group
Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids … More How can critical infrastructure be targeted by malware?
ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the … More Needles in a haystack: Picking unwanted UEFI components out of millions of samples
Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in … More Casbaneiro: Dangerous cooking with a secret ingredient
The incidents send medical staff back to the days of pen and paper. Several hospitals in the United States and Australia have been paralyzed by ransomware attacks, leading to the cancellation of all but the most urgent appointments and surgeries. In the US, the outbreak affected three Alabama-based healthcare providers – DCH Regional Medical Center, … More Hospitals in US, Australia hobbled by ransomware
ESET researchers describe the latest components used in a recent Sednit campaign. While summer is usually synonymous with vacations, it seems that the Sednit group has been developing new components to add to the Zebrocy malware family. The Sednit group – also known as APT28, Fancy Bear, Sofacy or STRONTIUM – has been operating since … More No summer vacations for Zebrocy
ESET Ireland warns about scammers claiming they'll release videos of victims watching illegal pornography unless paid 5000 GBP in Bitcoin. ESET Ireland has registered several related emails being sent to Irish mailboxes, threatening recipients with releasing videos of them watching illegal pornography online, unless they immediately pay the blackmailers 5000 GBP (5,611 EUR) in Bitcoin. The … More Email sextortion scam, claiming victim's paedophilia links, hits Irish mailboxes