How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security

Emotet malware is back with ferocious vigor, according to ESET telemetry in the first four months of 2022. Will it survive the ever-tightening controls on macro-enabled documents? One of the key findings from the ESET Threat Report T1 2022 is that the Emotet botnet has risen, Phoenix-like, from the ashes, pumping out vast amounts of spam in … More How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security

New Windows on ARM64 device? ESET protects both at work and at play

After the successful launch of its business-oriented siblings, ESET has extended its latest technology to home users/consumers and stands ready to protect their Windows on Arm-based devices with our award-wining full-featured products. Our development teams put a lot of effort into reengineering ESET’s already mature security technology for ARM-powered devices, which are increasingly used in both … More New Windows on ARM64 device? ESET protects both at work and at play

Wslink: Unique and undocumented malicious loader that runs as a server

There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor. ESET researchers have discovered a unique and previously undocumented loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. A loader is malicious code (a program) … More Wslink: Unique and undocumented malicious loader that runs as a server

Microsoft thwarts record‑breaking DDoS attack

The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe. Microsoft has revealed that it thwarted a Distributed Denial-of-Service (DDoS) attack that clocked in at a whopping 2.4 terabytes per second (Tbps). The onslaught, which targeted an Azure customer in Europe, surpasses the previous record holder – a 2.3 Tbps … More Microsoft thwarts record‑breaking DDoS attack

ESET Research discovers ESPecter, a bootkit for cyberespionage

ESET researchers have discovered a previously undocumented real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which ESET has named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which facilitates its espionage activities. ESPecter is the second discovery of a UEFI bootkit persisting on the ESP … More ESET Research discovers ESPecter, a bootkit for cyberespionage