🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

In July, #ESETresearch reported on macOS spyware we dubbed CloudMensis. In the blogpost, we left the malware unattributed. However, further analysis showed similarities with a Windows malware called #RokRAT, a #ScarCruft tool. Marc-Etienne M.Léveillé, Peter Kálnai 1/9 x.com/ESETresearch/s…

#ESETresearch is happy to be back at Virus Bulletin in person! Today, Robert Lipovsky presented research by Matias Porolli about #POLONIUM’s new implants deployed against targets in Israel 🇮🇱 #VB2022 virusbulletin.com/conference/vb2… 1/2

#ESETresearch has discovered #Lazarus attacks against targets in 🇳🇱 and 🇧🇪, spreading via spearphishing emails and exploiting the CVE-2021-21551 vulnerability to disable the monitoring of all security solutions on compromised machines Peter Kálnai welivesecurity.com/2022/09/30/ama…

#ESETresearch reveals new findings about POLONIUM, an APT group that has targeted more than a dozen organizations in Israel 🇮🇱 since at least September 2021, using at least seven different custom backdoors. welivesecurity.com/2022/10/11/pol… 1/6

Today's newsletter is now available as a podcast, with an appearance today from ESET's Robert Lipovsky and the company's work on tracking Polonium APT campaigns in Israel risky.biz/RBNEWS67/

#Emotet’s operators were busy updating their systeminfo module, with changes that enable malware operators to improve the targeting of specific victims and distinguish tracking bots from real users. #ESETresearch 1/7

#ESETesearch discovered Dolphin, a sophisticated backdoor extending the arsenal of the #ScarCruft APT group. Dolphin has a wide range of spying capabilities and is deployed on selected targets only. welivesecurity.com/2022/11/30/who… 1/6

#BREAKING On January 25th #ESETResearch discovered a new cyberattack in 🇺🇦 Ukraine. Attackers deployed a new wiper we named #SwiftSlicer using Active Directory Group Policy. The #SwiftSlicer wiper is written in Go programing language. We attribute this attack to #Sandworm. 1/3

Ahead of the 1 year anniversary of the war in Ukraine, WIRED’s Andy Greenberg (@agreenberg at the other places) featured ESET researchers Anton Cherepanov & @Robert_lipovsky in a story highlighting the increasing threat of wiper malware & its devastating impact on critical infrastructure. bit.ly/3XRUjoO

Today, we mark the one year anniversary of Russia's unprovoked invasion of #Ukraine 🇺🇦. #ESETResearch has put together a timeline of the disruptive wiper attacks we have observed in Ukraine since the beginning of 2022, shortly before the war started. welivesecurity.com/2023/02/24/yea…

#ESETResearch analyze first in-the-wild UEFI bootkit bypassing UEFI Secure Boot even on fully updated Windows 11 systems. Its functionality indicates it is the #BlackLotus UEFI bootkit, for sale on hacking forums since at least Oct 6, 2022. Martin Smolar welivesecurity.com/2023/03/01/bla… 1/11

ESET Research took a closer look at #AceCryptor, a massively prevalent cryptor-as-a-service using its multistage approach to protect tens of malware families from static and dynamic detection. In 2021–2022 alone, ESET telemetry documented its activity in over 80,000 cases. 1/10

#ESETResearch publishes new findings about #AsylumAmbuscade, a threat actor at the border between cybercrime and cyberespionage. welivesecurity.com/2023/06/08/asy… 1/4

#ESETresearch will present at Black Hat USA 2023. On August 10th, __mat__ will talk about #MoustachedBouncer: AitM-Powered Surveillance via Belarus ISPs 🇧🇾 #BHUSA #BlackHat Stay tuned!

#ESETresearch’s Filip Jurčacko and Zuzana Hromcova will be presenting at LABScon this week. Join them in Arizona to hear about #Deadglyph, a new, sophisticated backdoor active in the Middle East, and #OilRig’s persistent attacks on Israeli healthcare & local governments. 1/2

#ESETresearch document two #OilRig cyberespionage campaigns targeting Israeli organizations in 2021 and 2022: Outer Space and Juicy Mix welivesecurity.com/en/eset-resear… Zuzana Hromcova 1/5

#ESETresearch discovered a #cyberespionage campaign against a governmental entity in 🇬🇾 Guyana, which we named #Operation Jacana. To gain initial access, the attackers used #spearphishing emails referencing the political affairs of the country. welivesecurity.com/en/eset-resear… 1/4

#ESETResearch discovered a zero-day XSS vulnerability (#CVE-2023-5631) in Roundcube Webmail servers. It is actively used in the wild by #WinterVivern to target governments and a think tank in Europe. The exploit was contained in a legitimate-looking email about Outlook. 1/4

This Thursday at #CYBERWARCON I'll give an update on Sandworm's cybersabotage and Gamaredon's espionage. Come say hi! ESET Research CYBERWARCON

New today from Mandiant (part of Google Cloud) detailing a new class of cyber physical attack from Sandworm to disrupt Ukraine's grid This attack departs from the group’s history of using OT-specific malware, instead opting for a harder to detect living off the land approach mandiant.com/resources/blog…