You searched for ESET/ | SC Media

Your search for ESET/ returned 27 results

Active filter: Bradley Barth

Cybercrime, Finance, Malware, Security News

Fiendish Amavaldo banking trojan strikes in Mexico after targeting Brazilians

Researchers this year discovered a pair of malicious campaigns that attempted to distribute the recently discovered Amavaldo banking trojan to Brazilians and Mexicans, respectively. Amavaldo is one of 10 malware families that researchers at ESET’s lab in Prague are claiming to have discovered since 2017, when they first launched an in-depth investigation into Latin American…
Cryptocurrency, Cybercrime, Malware, Security News

Stantinko botnet’s monetization strategy shifts to cryptomining

The versatile Stantinko botnet that’s been targeting former Soviet nations since at least 2012 has added a Monero cryptomining module to its arsenal. Stantinko historically has perpetrated click fraud, ad injections, social network fraud and brute-force password stealing attacks, primarily targeting Russia, Ukraine, Belarus and Kazakhstan. But this latest module, discovered by researchers at ESET,…
APTs/cyberespionage, Cybercrime, Malware, Security News

‘LightNeuron’ backdoor receives secret commands via Microsoft Exchange email servers; Russian link suspected

Researchers have uncovered what they say is the very first malware to achieve persistence in Microsoft Exchange email servers, which allows attackers to secretly execute commands via malicious emails featuring attachments with hidden code. Dubbed LightNeuron, the furtive backdoor has been targeting Exchange servers since at least 2014, according to a blog post from ESET,…
APTs/cyberespionage, Cybercrime, Gaming, Malware, Security News

Major software vendor compromised with previously undocumented PortReuse backdoor

A thorough investigation into reputed Chinese APT actor Winnti Group turned up a previously undocumented backdoor that was used to compromise a popular Asian mobile hardware and software vendor — perhaps as a prelude to launching a major supply chain attack against its users. Dubbed PortReuse, the modular malware is a passive network implant that…
APTs/cyberespionage, Cybercrime, Malware, Security News

Clandestine ‘GreyEnergy’ APT group spawned from BlackEnergy, NotPetya actors

Researchers from ESET yesterday exposed a previously undisclosed threat group that descended from TeleBots, the APT group known for launching the BlackEnergy trojan and NotPetya attacks against Ukraine in recent years. Dubbed GreyEnergy, the actor is comparable to the BlackEnergy group (which later changed strategies and became known as TeleBots or Sandworm) in that it…
APTs/cyberespionage, Cybercrime, Malware, Security News

Ramsay spy framework built to subvert air-gapped defenses

Air-gapped networks aren’t easily compromised, but they don’t offer perfectly air-tight security either. Leveraging insider threats, infecting flash drives and other removable media, and conducting side-channel attacks are all techniques malicious actors can employ to spread malware to isolated systems. Indeed, researchers at ESET are reporting the discovery of a new cyber espionage framework designed…
IoT, Network Security, Security News, Vulnerabilities

Unpatched Amazon Echo and Kindle devices prone to KRACK attacks

Amazon.com Echo and Kindle devices were discovered last year to contain WPA/WPA2 protocol vulnerabilities that could potentially allow malicious actors to uncover keychains used to encrypt Wi-Fi traffic. The vulnerabilities, CVE-2017-13077 and CVE-2017-13078, are prone to Key Reinstallation Attacks (aka KRACK attacks), and were disclosed back in 2017 by a pair of Belgian researchers. In essence, they…
Cybercrime, Gaming, Malware, Security News

Skip-2.0 backdoor malware provides ‘magic password’ to access MSSQL accounts

Researchers today revealed their discovery of what they believe to be the first publicly documented case of a backdoor targeting Microsoft SQL Server (MSSQL) databases – attributing the malware to the threat actor Winnti Group. Dubbed “skip-2.0,” the malware is installed in memory and provides attackers with a “magic password” that allows them to connect…
APTs/cyberespionage, Cybercrime, Malware, Security News

The lowdown on LoJax: Researchers detect a UEFI rootkit in the wild

The Russian APT group Sednit (aka Fancy Bear and APT28) is strongly suspected to be the culprit behind a new rootkit malware program that can survive on an infected machine even if the operating system is reinstalled and the hard drive is replaced. ESET researchers who discovered the rootkit say this is the first time…
APTs/cyberespionage, Cybercrime, Malware, Ransomware, Security News

Researchers: Backdoor malware connects NotPetya culprits to Industroyer attack against Ukraine’s grid

Researchers are pointing to a recently discovered malicious backdoor as a key piece of evidence that apparently links the actors who launched the 2017 NotPetya ransomware attacks with the malicious hackers who disrupted Ukraine’s power grid the year before. The finding potentially helps to confirm ongoing suspicions among cyber experts that these notorious cyber incidents…