Award-winning news, views, and insight from the ESET security community
Ukraine Crisis – Digital Security Resource Center
Sandworm uses a new version of ArguePatch to attack targets in Ukraine
ESET researchers spot an updated version of the malware loader used in the Industroyer2 and CaddyWiper attacks
Editor • 20 May 2022
ESET Research
A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity
ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.
Alexandre Côté Cyr and Matthieu Faou • 27 Apr 2022
When "secure" isn't secure at all: High-impact UEFI vulnerabilities discovered in Lenovo consumer laptops
ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malware
Martin Smolár • 19 Apr 2022
ESET takes part in global operation to disrupt Zloader botnets
ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses
Jean-Ian Boutin and Tomáš Procházka • 13 Apr 2022
ESET Research, Critical Infrastructure, Ukraine Crisis – Digital Security Resource Center
Industroyer2: Industroyer reloaded
This ICS-capable malware targets a Ukrainian energy company
ESET Research • 12 Apr 2022
Fake e-shops on the prowl for banking credentials using Android malware
ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks
Lukas Stefanko • 06 Apr 2022
Under the hood of Wslink’s multilayered virtual machine
ESET researchers describe the structure of the virtual machine used in samples of Wslink and suggest a possible approach to see through its obfuscation techniques
Vladislav Hrčka • 28 Mar 2022
Crypto malware in patched wallets targeting Android and iOS devices
ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets
Lukas Stefanko • 24 Mar 2022
Mustang Panda’s Hodur: Old tricks, new Korplug variant
ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine
Alexandre Côté Cyr • 23 Mar 2022