Tag ESET

Discovered in the Wild: The First Ever Unkillable UEFI Bootkit for Linux

In recent developments within the cybersecurity landscape, a new form of malware known as Bootkitty has emerged, targeting Linux systems with techniques historically associated with Windows infections. This bootkit operates at the firmware level, specifically within the Unified Extensible Firmware Interface (UEFI), a crucial component that executes prior to the…


Russian Hackers Leverage 0-Day Vulnerabilities in Firefox and Windows to Install Backdoors

Russian RomCom Group Leverages Zero-Day Vulnerabilities in Cyber Campaign

Cybersecurity researchers from ESET have uncovered a sophisticated attack campaign attributed to the Russia-linked group known as RomCom, which exploited two previously unknown vulnerabilities—commonly referred to as zero-day flaws—in widely used software platforms, namely Firefox and Windows. This complex operation highlights…


Russian Hackers Attack Mozilla and Windows in Recent Exploit Chain

Security Operations

ESET Identifies Significant Vulnerabilities Exploited by the Russian RomCom Hacking Group

Chris Riotta (@chrisriotta) • November 26, 2024

ESET reports the discovery of critical vulnerabilities in Mozilla products and Windows, exploited by the RomCom group to deploy a backdoor. (Image: Mozilla Foundation)

Two critical vulnerabilities affecting Mozilla products…


Phishing Scheme Takes Advantage of Fake Trump Assassination Narrative to Steal Corporate Data

The cybersecurity landscape is witnessing a new wave of phishing attacks leveraging global events to target unsuspecting users. According to experts from ESET, a recent campaign is exploiting a fabricated assassination plot against former President Donald Trump to deceive individuals into revealing personal and corporate information. This tactic is particularly…


70% of Data Breaches Result from Human Error: Expert-Recommended Protection Strategies

In 2024, human errors accounted for nearly 68% of reported data breaches, highlighting a critical vulnerability in cybersecurity defenses. This alarming statistic was detailed in the Verizon 2024 Data Breach Investigations Report, recently referenced in a specialized article on ESET’s Romanian blog. Most breaches stemmed from phishing and pretexting schemes,…


Hamas Linked to October Wiper Attacks via ESET Email

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

‘Wirte’ Threat Actor Employs Wiper Malware Targeting Victims in Israel

David Perera (@daveperera) • November 12, 2024

Hamas launches a significant rocket offensive towards Israel from Rafah in the southern Gaza Strip on October 7, 2023. (Image: Shutterstock)

Recent investigations indicate that…


Researchers Reveal Prolonged Cyber Espionage Targeting Foreign Embassies in Belarus

In a troubling revelation, the cyber espionage group codenamed MoustachedBouncer, which has remained undocumented until now, has been linked to a series of attacks targeting foreign embassies in Belarus. ESET security researcher Matthieu Faou notes that this group has likely been active since 2014 and has continuously improved its techniques,…


China-Linked Bronze Starlight Group Targets Gambling Sector Using Cobalt Strike Beacons

A sophisticated cyberattack campaign emanating from China is currently targeting the gambling industry across Southeast Asia, employing Cobalt Strike beacons to infiltrate compromised systems. According to cybersecurity experts at SentinelOne, the indicators and methodologies associated with this operation suggest involvement from a threat actor group identified as Bronze Starlight, also…
