ESET

Freelance Software Developers in North Korean Malware Crosshairs

Freelance Software Developers in North Korean Malware Crosshairs 2025-02-21 at 18:01 By Ionut Arghire ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters. The post Freelance Software Developers in North Korean Malware Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Freelance Software Developers in North Korean Malware Crosshairs Read More »

Hackers pose as employers to steal crypto, login credentials

Hackers pose as employers to steal crypto, login credentials 2025-02-20 at 12:03 By Help Net Security Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as software development recruiters, these threat actors lure victims with fake job offers and deliver software projects embedded

React to this headline:

Loading spinner

Hackers pose as employers to steal crypto, login credentials Read More »

Crypto-stealing iOS, Android malware found on App Store, Google Play

Crypto-stealing iOS, Android malware found on App Store, Google Play 2025-02-05 at 13:25 By Zeljka Zorz A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. “The infected apps in Google Play

React to this headline:

Loading spinner

Crypto-stealing iOS, Android malware found on App Store, Google Play Read More »

China-aligned PlushDaemon APT compromises supply chain of Korean VPN

China-aligned PlushDaemon APT compromises supply chain of Korean VPN 2025-01-22 at 08:04 By Help Net Security ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious

React to this headline:

Loading spinner

China-aligned PlushDaemon APT compromises supply chain of Korean VPN Read More »

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) 2025-01-16 at 12:03 By Help Net Security ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability

React to this headline:

Loading spinner

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) Read More »

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor 2024-11-26 at 12:18 By Zeljka Zorz Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed

React to this headline:

Loading spinner

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor Read More »

Researchers unearth two previously unknown Linux backdoors

Researchers unearth two previously unknown Linux backdoors 2024-11-21 at 12:12 By Help Net Security ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentials, and specific files and directories. These

React to this headline:

Loading spinner

Researchers unearth two previously unknown Linux backdoors Read More »

US charges suspected Redline infostealer developer, admin

US charges suspected Redline infostealer developer, admin 2024-10-29 at 18:22 By Zeljka Zorz The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure takedown As promised on Monday when they announced the disruption of the Redline and Meta infostealer operations, law enforcement Operation Magnus

React to this headline:

Loading spinner

US charges suspected Redline infostealer developer, admin Read More »

ESET HOME Security enhancements strengthen protection against AI-driven threats

ESET HOME Security enhancements strengthen protection against AI-driven threats 2024-10-23 at 12:33 By Industry News ESET announced its upgraded consumer offering, ESET HOME Security, with new features, such as ESET Folder Guard and Multithread Scanning. These enhancements to ESET HOME Security, as an all-in-one solution for consumers, correspond to the increasing number of advanced, automated, and

React to this headline:

Loading spinner

ESET HOME Security enhancements strengthen protection against AI-driven threats Read More »

Israeli orgs targeted with wiper malware via ESET-branded emails

Israeli orgs targeted with wiper malware via ESET-branded emails 2024-10-18 at 13:32 By Zeljka Zorz Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanced Threat Defense

React to this headline:

Loading spinner

Israeli orgs targeted with wiper malware via ESET-branded emails Read More »

Scammers target Airbnb and Booking.com users

Scammers target Airbnb and Booking.com users 2024-10-11 at 07:01 By Help Net Security ESET researchers discovered that the organized scammer network Telekopye has expanded its operations to target users of popular accommodation booking platforms like Booking.com and Airbnb. They have also increased the sophistication of their victim selection and of targeting the two booking sites,

React to this headline:

Loading spinner

Scammers target Airbnb and Booking.com users Read More »

ESET updates Vulnerability and Patch Management module

ESET updates Vulnerability and Patch Management module 2024-10-10 at 17:02 By Industry News ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as macOS2 devices, covering broader parts of a business’ ecosystem. The V&PM module is also now

React to this headline:

Loading spinner

ESET updates Vulnerability and Patch Management module Read More »

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) 2024-10-10 at 15:31 By Zeljka Zorz Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is a use-after-free vulnerability in

React to this headline:

Loading spinner

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) Read More »

GoldenJackal APT group breaches air-gapped systems in Europe

GoldenJackal APT group breaches air-gapped systems in Europe 2024-10-09 at 07:01 By Help Net Security ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a governmental organization of a European Union country. Cyberespionage

React to this headline:

Loading spinner

GoldenJackal APT group breaches air-gapped systems in Europe Read More »

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products 2024-09-23 at 17:02 By Ionut Arghire ESET has released patches for two local privilege escalation vulnerabilities in security products for Windows and macOS. The post ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products Read More »

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) 2024-08-28 at 12:02 By Help Net Security ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to

React to this headline:

Loading spinner

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) Read More »

New phishing method targets Android and iPhone users

New phishing method targets Android and iPhone users 2024-08-20 at 17:33 By Help Net Security ESET researchers discovered an uncommon type of phishing campaign targeting Android and iPhone users. They analyzed a case observed in the wild that targeted clients of a prominent Czech bank. PWA phishing flow (Source: ESET) This technique is noteworthy because

React to this headline:

Loading spinner

New phishing method targets Android and iPhone users Read More »

Chinese hackers compromised an ISP to deliver malicious software updates

Chinese hackers compromised an ISP to deliver malicious software updates 2024-08-05 at 13:46 By Zeljka Zorz APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat

React to this headline:

Loading spinner

Chinese hackers compromised an ISP to deliver malicious software updates Read More »

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos 2024-07-23 at 12:16 By Help Net Security ESET researchers discovered a zero-day exploit, which targets the Telegram app for Android, that appeared for sale for an unspecified price in an underground forum post from June 2024. Example of how the EvilVideo exploit

React to this headline:

Loading spinner

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos Read More »

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver 2024-07-22 at 06:01 By Help Net Security ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects

React to this headline:

Loading spinner

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver Read More »

Scroll to Top