Hackers pose as employers to steal crypto, login credentials
Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as …
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate …
China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this …
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a …
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege …
Researchers unearth two previously unknown Linux backdoors
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is …
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …
US charges suspected Redline infostealer developer, admin
The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure …
ESET HOME Security enhancements strengthen protection against AI-driven threats
ESET announced its upgraded consumer offering, ESET HOME Security, with new features, such as ESET Folder Guard and Multithread Scanning. These enhancements to ESET HOME …
Israeli orgs targeted with wiper malware via ESET-branded emails
Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack …
Scammers target Airbnb and Booking.com users
ESET researchers discovered that the organized scammer network Telekopye has expanded its operations to target users of popular accommodation booking platforms like …
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as …
Featured news
Resources
Don't miss
- Where IT meets OT and railway cybersecurity gets harder
- Praxen: Open-source AI agent behavior verification
- Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads
- What the Fortibleed campaign means for organizations running FortiGate firewalls
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security