Evasive Panda APT group delivers malware via updates for popular Chinese software
Award-winning news, views, and insight from the ESET security community ESET Research Evasive Panda APT group delivers malware via updates for popular Chinese software ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software ESET researchers have discovered a campaign that we
MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT | WeLiveSecurity
ESET researchers have analyzed MQsTTang, a new custom backdoor that we attribute to the Mustang Panda APT group. This backdoor is part of an ongoing campaign that we can trace back to early January 2023. Unlike most of the group’s malware, MQsTTang doesn’t seem to be based on existing families or publicly available projects. Mustang Panda is known for its customized Korplug variants (also dubbed P
BlackLotus UEFI bootkit: Myth confirmed
Award-winning news, views, and insight from the ESET security community ESET Research BlackLotus UEFI bootkit: Myth confirmed The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window hasn’
Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin
Award-winning news, views, and insight from the ESET security community ESET Research Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group ESET researchers have analyzed a previously unreported backdoor used by the ScarCruft APT group. The backdoor, which we named Dolphin, has a w
When
Award-winning news, views, and insight from the ESET security community ESET Research When "secure" isn't secure at all: High-impact UEFI vulnerabilities discovered in Lenovo consumer laptops ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malware ESET researchers have discovered an
CaddyWiper: New wiper malware discovered in Ukraine
Award-winning news, views, and insight from the ESET security community Ukraine Crisis – Digital Security Resource Center CaddyWiper: New wiper malware discovered in Ukraine This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations ESET researchers have uncovered yet another destructive data wiper that wa
Watering hole deploys new macOS malware, DazzleSpy, in Asia
Award-winning news, views, and insight from the ESET security community ESET Research Watering hole deploys new macOS malware, DazzleSpy, in Asia Hong Kong pro-democracy radio station website compromised to serve a Safari exploit that installed cyberespionage malware on site visitors’ Macs On November 11th, Google TAG published a blogpost about watering-hole attacks leading to exploits for the Saf
UEFI threats moving to the ESP: Introducing ESPecter bootkit
Award-winning news, views, and insight from the ESET security community ESET Research UEFI threats moving to the ESP: Introducing ESPecter bootkit ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012 ESET researchers have analyzed a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The boot
Kobalos – A complex Linux threat to high performance computing infrastructure
ESET researchers have analyzed malware that has been targeting high performance computing (HPC) clusters, among other high-profile targets. We reverse engineered this small, yet complex, malware that is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows. We have named this malware Kobalos for its tiny code size and many tricks; in Greek mythology, a Koba
Operation NightScout: Supply-chain attack targets online gaming in Asia
Award-winning news, views, and insight from the ESET security community ESET Research Operation NightScout: Supply-chain attack targets online gaming in Asia ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online-gaming communities in Asia UPDATE (February 3rd, 2021): Following the publication of our research, BigNox have contacted us to say that their i
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Evasive Panda leverages Monlam Festival to target Tibetans
Shedding light on AceCryptor and its operation
Discarded, not destroyed: Old routers reveal corporate secrets
Amazon-themed campaigns of Lazarus in the Netherlands and Belgium
You never walk alone: The SideWalk backdoor gets a Linux variant
Costco survey scam targets WhatsApp users
Mustang Panda’s Hodur: Old tricks, new Korplug variant
In Memoriam: John McAfee
DDoS attack knocks Belgian government websites offline
Turla Crutch: Keeping the “back door” open