In T2 2022, we saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post- COVOD return to offices and overall improved security of corporate environments. Even with declining numbers, Russia IP addresses continued to be responsible for the large portion of RDP attacks.

The final months of 2022 were bustling with interesting ESET research findings. Our researchers discovered a MirrorFace spearphishing campaign against high-profile Japanese political entities, and new ransomware named RansomBoggs that targets multiple organizations in Ukraine and has Sandworm’s fingerprints all over it. ESET researchers also discovered a campaign conducted by the infamous Lazarus group that targets its victims with spear-phishing emails containing documents with fake job offers; one of the lures was sent to an aerospace company employee.

This report reflects on the key threats that emerged or expanded in the 4th quarter of 2020.

This annual report outlines expected cybersecurity trends for the coming year.

From the report, “In this paper, we discuss that while ML has proven to be a powerful tool in detecting malware for many years, the reality is that true AI does not yet exist. The marketing tricks of next-gen vendors are simply making matters all the more confusing for IT decision makers who need to build robust cyber security defences at a time when the threat landscape is becoming all the more precarious.”

This report offers insight into the Win32/Industroyer a new threat for industrial control systems.

The latest Petya-like outbreak has gathered a lot of attention from the media. However, it should be noted that this was not an isolated incident: this is the latest in a series of similar attacks in Ukraine. This blogpost reveals many details about the Diskcoder.C (aka ExPetr, PetrWrap, Petya, or NotPetya) outbreak and related information about previously unpublished attacks.

Herein we release our analysis of a previously undocumented backdoor that has been targeted against embassies and consulates around the world leads us to attribute it, with high confidence, to the Turla group. Turla is a notorious group that has been targeting governments, government officials and diplomats for years. They are known to run watering hole and spearphishing campaigns to better pinpoint their targets. Although this backdoor has been actively deployed since at least 2016, it has not been documented anywhere. Based on strings found in the samples we analyzed, we have named this backdoor “Gazer”.

“The Turla espionage group has been targeting various institutions for many years. Recently, we found several new versions of Carbon, a second stage backdoor in the Turla group arsenal. Last year, a technical analysis of this component was made by Swiss GovCERT.ch as part of their report detailing the attack that a defense firm owned by the Swiss government, RUAG, suffered in the past. This blog post highlights the technical innovations that we found in the latest versions of Carbon we have discovered.”

The “Trends For 2015 – Targeting the Corporate World” report by the ESET LATAM Research Lab invites you to review some of the most significant cases that affected computer security in 2014, and to consider and present the challenges and threats expected for 2015. This report will try to address the different types of threats and security incidents we have witnessed during the year classified by catego- ry in order to answer the following questions: what will we find during 2015 in terms of IT security? And how, therefore, can companies and individual users prepare themselves to get through next year in safe- ty?

In support of National Cyber Security Awareness Month (October), ESET® and the National Cyber Security Alliance (NCSA) commissioned a survey to better understand the role of cybersecurity in the American household, providing an inside-look into how it is adapting in the digital era of the data breach. Given the simultaneous rise in our number of connected devices and cyber threats, this survey underlined the importance of cybersecurity as a core commitment in our digital lives. This paper discusses the findings of that survey.