(eset):research;

Research has been at the core of ESET and its technology since the company's inception. The journey began in 1987, when ESET co-founders Miroslav Trnka and Peter Paško uncovered one of the world's first computer viruses, named it "Vienna" and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 13 R&D centers across the world that analyze, monitor and anticipate new threats. In recent years alone, ESET researchers have made a number of significant discoveries that shed light on various malicious campaigns orchestrated by the world’s most advanced threat actors. They have also identified multiple high-impact vulnerabilities in third-party products and services.

Over the years, ESET’s experts have assisted law enforcement with disruptions of several notorious cybercrime operations. They also frequently present at leading industry conferences and are among the most referenced contributors to the MITRE ATT&CK® knowledge base of adversary tactics and techniques.

@ESETresearch | ESET GitHub | ESET Coordinated Vulnerability Disclosure Policy


2244 articles

ESET Research

UEFI threats moving to the ESP: Introducing ESPecter bootkit

ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012

Martin Smolár and Anton Cherepanov, 05 Oct 2021


Threat Reports, ESET Research

ESET Threat Report T2 2021

A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Roman Kováč, 30 Sep 2021


ESET Research

FamousSparrow: A suspicious hotel guest

Yet another APT group that exploited the ProxyLogon vulnerability in March 2021

Tahseen Bin Taj and Matthieu Faou, 23 Sep 2021


ESET Research

Numando: Count once, code twice

The (probably) penultimate post in our occasional series demystifying Latin American banking trojans.

ESET Research, 17 Sep 2021


ESET Research

BladeHawk group: Android espionage against Kurdish ethnic group

ESET researchers have investigated a mobile espionage campaign that targets the Kurdish ethnic group and has been active since at least March 2020

Lukas Stefanko, 07 Sep 2021


COVID-19, ESET Research

Flaw in the Quebec vaccine passport: analysis

ESET cybersecurity expert Marc-Étienne Léveillé analyses in depth the Quebec vaccine proof apps VaxiCode and VaxiCode Verif.

Marc-Etienne M. Léveillé, 31 Aug 2021


The SideWalk may be as dangerous as the CROSSWALK

Meet SparklingGoblin, a member of the Winnti family

Thibaut Passilly and Mathieu Tartare, 24 Aug 2021


ESET Research

IISerpent: Malware-driven SEO fraud as a service

The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites

Zuzana Hromcová, 11 Aug 2021


ESET Research

IISpy: A complex server-side backdoor with anti-forensic features

The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers

Zuzana Hromcová, 09 Aug 2021