(eset):research;

Research has been at the core of ESET and its technology since the company's inception. The journey began in 1987, when ESET co-founders Miroslav Trnka and Peter Paško uncovered one of the world's first computer viruses, which they named "Vienna" and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 13 R&D centers across the world that analyze, monitor and anticipate new threats. In recent years alone, ESET researchers have made a number of significant discoveries that shed light on various malicious campaigns orchestrated by the world’s most advanced threat actors. They have also identified multiple high-impact vulnerabilities in third-party products and services.

Over the years, ESET’s experts have assisted law enforcement with disruptions of several notorious cybercrime operations. They also frequently present at leading industry conferences and are among the most referenced contributors to the MITRE ATT&CK® knowledge base of adversary tactics and techniques.

@ESETresearch | ESET GitHub | ESET Coordinated Vulnerability Disclosure Policy

Blogposts White Papers Threat Reports
2230 articles

ESET Research

The Evolution of Webinject

The Evolution of Webinject

ESET Research

The Evolution of Webinject

Last month, we presented “The Evolution of Webinject” in Seattle at the 24th Virus Bulletin conference. This blog post will go over its key findings and provide links to the various material that has been released in the last few weeks.

Jean-Ian Boutin23 Oct 2014

ESET Research

Operation Windigo: "Good job, ESET!" says malware author

Operation Windigo: "Good job, ESET!" says malware author

ESET Research

Operation Windigo: "Good job, ESET!" says malware author

Following the recognition at Virus Bulletin 2014 of ESET’s research on Operation Windigo, I took the opportunity to ask Marc-Etienne Léveillé – who worked directly on the Operation Windigo report a few questions. Marc-Etienne is a malware researcher at ESET.

Olivier Bilodeau15 Oct 2014

Cybercrime

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

Cybercrime

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.

Robert Lipovsky14 Oct 2014

ESET Research

Sednit espionage group now using custom exploit kit

Sednit espionage group now using custom exploit kit

ESET Research

Sednit espionage group now using custom exploit kit

For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.

ESET Research08 Oct 2014

Video

How to keep your child safe on YouTube

How to keep your child safe on YouTube

Video

How to keep your child safe on YouTube

YouTube is one of the most popular websites in the world, but can expose younger viewers to inappropriate content. By following these 5 precautionary measures you can keep your child safe from any content that may be unsuitable.

Editor02 Oct 2014

Video

Should I worry about my connected devices?

Should I worry about my connected devices?

Video

Should I worry about my connected devices?

There could be many benefits of having a connected household, but connecting your appliances to the internet could also put them at risk of being hacked. We provide some useful tips to make sure all of your connected devices are protected.

Editor02 Oct 2014

Bootkits, Windigo, and Virus Bulletin

Bootkits, Windigo, and Virus Bulletin

Bootkits, Windigo, and Virus Bulletin

ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.

David Harley30 Sep 2014

How To

How to fix Shellshock Bash on Mac OS X: Mavericks edition

How to fix Shellshock Bash on Mac OS X: Mavericks edition

How To

How to fix Shellshock Bash on Mac OS X: Mavericks edition

Apple Mac OS X users concerned about the Bash vulnerability dubbed Shellshock got some relief late yesterday as Apple published fixes for various versions of OS X. But if you use Mavericks you will need to install 10.9.5 before the Bash fix will work.

Stephen Cobb30 Sep 2014

How to resolve Shellshock on Mac OS X, web servers and more

How to resolve Shellshock on Mac OS X, web servers and more

How to resolve Shellshock on Mac OS X, web servers and more

The "Bash Bug" or "Shellshock" vulnerability means a wide range of devices, servers and computers, including Mac OS X, will need to be patched to prevent abuse by malicious persons. Here's advice about what to do and links to more in-depth resources.

Stephen Cobb25 Sep 2014