ESET Research


2223 articles

ESET Research

Korplug military targeted attacks: Afghanistan & Tajikistan


After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one.

Robert Lipovsky and Anton Cherepanov, 12 Nov 2014


Two recently patched Adobe Flash vulnerabilities now used in Exploit Kits


Two Flash vulnerabilities that were fixed by Adobe 2 weeks ago are now being used in exploit kits. This is in addition to a third vulnerability, CVE-2014-0556, that was patched in September and was also added to Nuclear EK last week.

Sébastien Duquette, 31 Oct 2014


ESET Research

The Evolution of Webinject


Last month, we presented “The Evolution of Webinject” in Seattle at the 24th Virus Bulletin conference. This blog post will go over its key findings and provide links to the various material that has been released in the last few weeks.

Jean-Ian Boutin, 23 Oct 2014


ESET Research

Operation Windigo: "Good job, ESET!" says malware author


Following the recognition at Virus Bulletin 2014 of ESET’s research on Operation Windigo, I took the opportunity to ask Marc-Etienne Léveillé, who worked directly on the Operation Windigo report, a few questions. Marc-Etienne is a malware researcher at ESET.

Olivier Bilodeau, 15 Oct 2014


Cybercrime

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns


In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.

Robert Lipovsky, 14 Oct 2014


ESET Research

Sednit espionage group now using custom exploit kit


For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.

ESET Research, 08 Oct 2014


Video

How to keep your child safe on YouTube


YouTube is one of the most popular websites in the world, but can expose younger viewers to inappropriate content. By following these 5 precautionary measures you can keep your child safe from any content that may be unsuitable.

Editor, 02 Oct 2014


Video

Should I worry about my connected devices?


There could be many benefits of having a connected household, but connecting your appliances to the internet could also put them at risk of being hacked. We provide some useful tips to make sure all of your connected devices are protected.

Editor, 02 Oct 2014


Bootkits, Windigo, and Virus Bulletin


ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.

David Harley, 30 Sep 2014