Emotet launches major new spam campaign

The recent spike in Emotet activity shows that it remains an active threat. A week after adding a new email content harvesting module, and following a period of low activity, the malicious actors behind Emotet have launched a new, large-scale spam campaign. What is Emotet? Emotet is a banking Trojan family notorious for its modular architecture, …

PowerPool malware exploits ALPC LPE zero-day vulnerability

Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure. On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. It seems obvious that this was not part of a coordinated vulnerability disclosure and there was no …

Trends 2018: Doing time for cybercrime

Law enforcement and malware research join forces to take down cybercriminals. The primary purpose of malware analysis is to determine how a given piece of malware works, extract IOCs (Indicators of Compromise) and determine potential countermeasures. This work is almost purely technical in nature: it focuses on binary files and their properties. Results from malware analysis are …

System update headaches? ESET is the cure

On average, people have more than 50 software applications on their Windows computers.1 Combine this with your mobile device apps and alternative operating systems, and you could end up spending all of your time updating applications or fixing update issues. How to handle the headaches associated with keeping your devices up to date? Let ESET …

Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid …