ESET Research


2246 articles

ESET Research

Worok: The big picture

Focused mostly on Asia, this new cyberespionage group uses undocumented tools, including steganographically extracting PowerShell payloads from PNG files

Thibaut Passilly, 06 Sep 2022


ESET Research

ESET Research Podcast: Hot security topics at RSA or mostly hype?

Listen to Cameron Camp, Juraj Jánošík, and Filip Mazán discuss the use of machine learning in cybersecurity, followed by Cameron’s insights into the security of medical devices

ESET Research, 20 Jul 2022


ESET Research

I see what you did there: A look at the CloudMensis macOS spyware

Previously unknown macOS malware uses cloud storage as its C&C channel and to exfiltrate documents, keystrokes, and screen captures from compromised Macs

Marc-Etienne M.Léveillé, 19 Jul 2022


Threat Reports

ESET Threat Report T1 2022

A view of the T1 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Roman Kováč, 02 Jun 2022


ESET Research

ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit

Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution

ESET Research, 26 May 2022


Ukraine Crisis – Digital Security Resource Center

Sandworm uses a new version of ArguePatch to attack targets in Ukraine

ESET researchers spot an updated version of the malware loader used in the Industroyer2 and CaddyWiper attacks

Editor, 20 May 2022


ESET Research

A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.

Alexandre Côté Cyr and Matthieu Faou, 27 Apr 2022


ESET Research

When "secure" isn't secure at all: High-impact UEFI vulnerabilities discovered in Lenovo consumer laptops

ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malware

Martin Smolár, 19 Apr 2022


ESET Research

ESET takes part in global operation to disrupt Zloader botnets

ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses

Jean-Ian Boutin and Tomáš Procházka, 13 Apr 2022