ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. … More A dive into Turla PowerShell usage
Criminals used my account to launder credit card transactions into cash, at least where the company transacted with was willing to refund. Last week I received a notification from Bank of America advising that my credit card may have been part of a compromise at an undisclosed merchant. The email does mention that there may … More The aftermath of a data breach: A personal story
ESET researchers have just concluded their analysis of fake cryptocurrency wallets that emerged on Google Play at the time of bitcoin’s renewed spike in value. This month has seen bitcoin growing, with its price climbing to its highest point since September 2018. Not surprisingly, cybercriminals were quick to notice this development and started upping their … More ESET discovers new fake cryptocurrency apps on Google Play able to phish and scam users out of cryptocurrency
ESET sheds light on commands used by the favorite backdoor of the Sednit group. What happens when a victim is compromised by a backdoor and the operator is controlling it? It’s a difficult question that is not possible to answer entirely by reverse engineering the code. In this article we will analyze commands sent by … More A journey to Zebrocy land
What you need to know about the critical security hole that could enable the next WannaCryptor. Remember the panic that hit organizations around the world on May 12th, 2017 when machine after machine displayed the WannaCryptor ransom screen? Well, we might have a similar incident on our hands in the coming days, weeks or months … More Patch now! Why the BlueKeep vulnerability is a big deal
ESET Ireland 