Award-winning news, views, and insight from the ESET security community
ESET Research
Numando: Count once, code twice
The (probably) penultimate post in our occasional series demystifying Latin American banking trojans.
ESET Research • 17 Sep 2021
BladeHawk group: Android espionage against Kurdish ethnic group
ESET researchers have investigated a mobile espionage campaign that targets the Kurdish ethnic group and has been active since at least March 2020
Lukas Stefanko • 07 Sep 2021
COVID-19, ESET Research
Flaw in the Quebec vaccine passport: analysis
ESET cybersecurity expert Marc-Étienne Léveillé analyses in-depth the Quebec vaccine proof apps VaxiCode and VaxiCode Verif.
Marc-Etienne M.Léveillé • 31 Aug 2021
The SideWalk may be as dangerous as the CROSSWALK
Meet SparklingGoblin, a member of the Winnti family
Thibaut Passilly and Mathieu Tartare • 24 Aug 2021
IISerpent: Malware-driven SEO fraud as a service
The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites
Zuzana Hromcová • 11 Aug 2021
IISpy: A complex server-side backdoor with anti-forensic features
The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers
Zuzana Hromcová • 09 Aug 2021
IIStealer: A server-side threat to e-commerce transactions
The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information
Zuzana Hromcová • 06 Aug 2021
Anatomy of native IIS malware
ESET researchers publish a white paper putting IIS web server threats under the microscope
Zuzana Hromcová and Anton Cherepanov • 06 Aug 2021
ESET Research, Mobile Security
Some URL shortener services distribute Android malware, including banking or SMS trojans
On iOS we have seen link shortener services pushing spam calendar files to victims’ devices.
Lukas Stefanko • 20 Jul 2021