For the past several months, a significant vulnerability affecting the security of Windows devices has been identified, allowing potential bypass of an industry-standard protection mechanism designed to thwart firmware infections. On Tuesday, Microsoft announced a patch for the vulnerability tracked as CVE-2024-7344. Currently, the implications for Linux systems remain uncertain.…
Recent trends in ransomware attacks reveal a concerning evolution in tactics, as highlighted by the latest Threat Report from ESET. This report identifies a significant shift towards state-sponsored cybercriminal activities, with orchestration increasingly coming from government-affiliated groups focused on disruption and financial gain. These actors leverage ransomware not only to…
Endpoint Security Bootkitty: Researchers Identify Linux’s First Bootkit, Primarily Conceptual Rather Than Malicious Prajeet Nair (@prajeetspeaks) • November 28, 2024 Bootkitty discovered in the wild is recognized as the first bootkit targeting Linux. (Image: Shutterstock) Cybersecurity experts have unearthed the first bootkit specifically engineered to compromise Linux systems by manipulating…
Researchers Identify First Bootkit Targeting Linux Systems Cybersecurity experts have uncovered a significant advancement in malware threats with the identification of the first bootkit specifically engineered to compromise Linux systems. Dubbed "Bootkitty," this malicious software operates within the Unified Extensible Firmware Interface (UEFI), manipulating the boot process for harmful intents.…
In recent developments within the cybersecurity landscape, a new form of malware known as Bootkitty has emerged, targeting Linux systems with techniques historically associated with Windows infections. This bootkit operates at the firmware level, specifically within the Unified Extensible Firmware Interface (UEFI), a crucial component that executes prior to the…
Russian RomCom Group Leverages Zero-Day Vulnerabilities in Cyber Campaign Cybersecurity researchers from ESET have uncovered a sophisticated attack campaign attributed to the Russia-linked group known as RomCom, which exploited two previously unknown vulnerabilities—commonly referred to as zero-day flaws—in widely used software platforms, namely Firefox and Windows. This complex operation highlights…
Security Operations ESET Identifies Significant Vulnerabilities Exploited by the Russian RomCom Hacking Group Chris Riotta (@chrisriotta) • November 26, 2024 ESET reports the discovery of critical vulnerabilities in Mozilla products and Windows, exploited by the RomCom group to deploy a backdoor. (Image: Mozilla Foundation) Two critical vulnerabilities affecting Mozilla products…
The cybersecurity landscape is witnessing a new wave of phishing attacks leveraging global events to target unsuspecting users. According to experts from ESET, a recent campaign is exploiting a fabricated assassination plot against former President Donald Trump to deceive individuals into revealing personal and corporate information. This tactic is particularly…
In 2024, human errors accounted for nearly 68% of reported data breaches, highlighting a critical vulnerability in cybersecurity defenses. This alarming statistic was detailed in the Verizon 2024 Data Breach Investigations Report, recently referenced in a specialized article on Eset’s Romanian blog. Most breaches stemmed from phishing and pretexting schemes,…
