Cyber Security

0 Comments
Digital Security In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike Andy Garth 29 Jan 2024  •  , 4 min. read For thousands of years, nations have engaged in espionage, spying on their neighbors, allies, and adversaries. Traditionally, this realm of
0 Comments
Video The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK 26 Jan 2024 This week, ESET researchers released their findings about an attack where a previously unknown threat actor deployed a sophisticated multistage implant, which ESET named NSPX30, through adversary-in-the-middle
0 Comments
ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we believe has been operating since at least 2018. The attackers deliver a sophisticated implant, which we named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software. Key points in
0 Comments
Video The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings 19 Jan 2024 The job of a chief information security officer (CISO) is becoming increasingly stressful, to the point that some security leaders are seeking out more peaceful career paths.
0 Comments
Steeped in AI and the security risks of its use, the 2023 SANS Holiday Hack Challenge was an enrichening experience of navigating a series of 21 objectives that tested and broadened multiple cybersecurity skills. The best challenges for me were hunting down AI hallucinations in a pentest report, escalating privileges on a Linux system, searching
0 Comments
Digital Security As we draw the curtain on another eventful year in cybersecurity, let’s review some of the high-profile cyber-incidents that occurred in 2023 Phil Muncaster 28 Dec 2023  •  , 5 min. read It’s been another monumental year in cybersecurity. Threat actors thrived against a backdrop of continued macroeconomic and geopolitical uncertainty, using all
0 Comments
ESET Research, Threat Reports A view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Jiří Kropáč 19 Dec 2023  •  , 2 min. read The second half of 2023 witnessed significant cybersecurity incidents. Cl0p, a notorious cybercriminal group known for carrying
0 Comments
ESET researchers analyzed a growing series of OilRig downloaders that the group has used in several campaigns throughout 2022, to maintain access to target organizations of special interest – all located in Israel. These lightweight downloaders, which we named SampleCheck5000 (SC5k v1-v3), OilCheck, ODAgent, and OilBooster, are notable for using one of several legitimate cloud
0 Comments
Cybercrime continues to grow rapidly; indeed, it is a highly lucrative global industry. Without accurately accounting for profits from cybercrime (1, 2), we are left looking at the staggering estimated cost of US$7.08 trillion in 2022 for reference. Measured in terms of GDP, the illegal proceeds would rank as the third-largest “economy” worldwide. Regardless, this
0 Comments
ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency,
0 Comments
Mobile Security A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable. Márk Szabó 11 Dec 2023  •  , 3 min. read In a world of instant communication and accelerated by the ever-spreading notion that if you