Please turn on your JavaScript for this page to function normally.
Operation Endgame
DanaBot botnet disrupted, QakBot leader indicted

Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet …

hand
Lumma Stealer Malware-as-a-Service operation disrupted

A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …

botnet
Nation-state APTs ramp up attacks on Ukraine and the EU

Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber …

email
Russia-linked hackers target webmail servers in Ukraine-related espionage operation

ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned …

crypto wallet
Android financial threats: What businesses need to know to protect themselves and their customers

The rise of mobile banking has changed how businesses and customers interact. It brought about increased convenience and efficiency, but has also opened new doors for …

ransomware
Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool

ESET researchers have published an in-depth analysis highlighting significant shifts within the ransomware landscape, spotlighting the rise of RansomHub. This relatively new …

hand
China-linked FamousSparrow APT group resurfaces with enhanced capabilities

ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate …

cybercrime
Hackers pose as employers to steal crypto, login credentials

Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as …

smartphone
Crypto-stealing iOS, Android malware found on App Store, Google Play

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate …

backdoor
China-aligned PlushDaemon APT compromises supply chain of Korean VPN

ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this …

UEFI Secure Boot
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a …

backdoor
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools