Tag: powershell

What exactly is a file-less malware attack and how could it affect your business?

September 5, 2019

File-less malware attacks leave little trace, which makes them all the more threatening. A file-less malware attack doesn’t even need to install software on a victim’s machine and is instead based on an attacker taking control of something already installed on your computer. A file-less malware attack often latches onto a built-in component of Windows … More What exactly is a file-less malware attack and how could it affect your business?

A dive into Turla PowerShell usage

May 31, 2019

ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. … More A dive into Turla PowerShell usage

Turla LightNeuron: An email too far

May 8, 2019

ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments. Due to security improvements in operating systems, rootkit usage has been in constant decline for several years. As such, malware developers – especially those working in espionage groups – have been busy developing new stealthy userland malware. Recently, ESET researchers … More Turla LightNeuron: An email too far

Bug in EA’s Origin client left gamers open to attacks

April 23, 2019

The gaming company has rolled out a fix for the remote code execution vulnerability, so make sure you run the platform’s latest version. Electronic Arts (EA) has fixed a security flaw in the Windows version of its gaming client Origin that allowed attackers to remotely execute code on an affected computer. The vulnerability was discovered by … More Bug in EA’s Origin client left gamers open to attacks

DanaBot shifts its targeting to Europe, adds new features

September 21, 2018

ESET researchers have discovered new DanaBot campaigns targeting a number of European countries. Recently, we have spotted a surge in activity of DanaBot, a stealthy banking Trojan discovered earlier this year. The malware, first observed in campaigns targeting Australia and later Poland, has apparently expanded further, with campaigns popping up in Italy, Germany, Austria, and … More DanaBot shifts its targeting to Europe, adds new features