Explore 2024 Check Fraud Report: Rising U.S. fraud trends, geographic hotspots, and threat actors, with insights from Telegram data.
The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become
Demystifying CVE-2024-7262 and CVE-2024-7263
We are thrilled to announce our latest development for our integration of Recorded Future with Google Security Operations, also known as Security Operations (formerly known as Google Chronicle).
The critical vulnerability CVE-2023-22527 is being actively exploited for cryptojacking activities, turning affected Confluence Data Center and Server instances into cryptomining networks....
USDC is one of the biggest assets in crypto by usage and TVL. Circle, the owners of USDC, created the Cross Chain Transfer Protocol (CCTP). Although this is a general message passing...
In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors
As a precursor, I really don't like how this article is written. It takes more time to hype up the bug and the company's work than actually explain the vulnerability. Additionally, the...
The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure
Key Takeaways: In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor …
In July 2024, the software supply chain security landscape faced unprecedented challenges, marked by sophisticated attacks from state-sponsored actors and organized cybercriminal groups. North...
Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security
The threat actor group Bling Libra (behind ShinyHunters ransomware) has been observed infiltrating an organization's Amazon Web Services (AWS) environment, focusing on extortion rather than...
Attackers can take advantage of a quirk of the default AWS configuration (without SourceIdentity configured) to potentially make detecting and attributing their actions more difficult.
Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM
This case study serves to highlight the importance of rapid, heuristic, accurate, and contextualized detection and response in the cloud.
Should the payment of a ransomware demand be illegal? Should it be regulated in some way? These questions are some examples of the legal minefield that cybersecurity teams must deal with
The authors of the post were trying to find SSRF bugs within Microsoft Copilot after finding two bugs that had recently been patched. They found that when providing key phrases it was possible to trigger an...
Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat...
ESET analysts dissect a novel phishing method tailored to Android and iOS users
Explore GreenCharlie’s expanding cyber threat against US political and government entities. Learn how this Iran-nexus group uses advanced phishing techniques and malware like GORBLE and POWERSTAR.
In this blog, the second in the series, you will learn about how to build a database of Bluetooth Low-Energy (BTLE) Generic Attribute (GATT) Universally Unique Identifiers (UUIDs) capable of...
Agave and Jito are Solana validator clients. Solana executes eBPF bytecode from an ELF file. The development toolchain aligns the ELF program. During the ELF sanitization...
Modern JS frameworks like React, Angular and Vue safeguard against XSS. If you want to include input as HTML, there are mechanisms to do this, but they are dangerous. Vue.js uses the mustache template...
Jetpack Compose is a new way of building UIs in Android, replacing the fragments style. Now, navigation between screens represents composable functions. Hence, the Jetpack Navigation library is...
Soko is Go software for publishing Gentoo Linux packages. It uses an ORM which should in theory make us safe against SQL injection attacks. However, the code authors were misusing the prepared...
The Threshold Network is a collection of various services that use threshold cryptography by relying on multiple secret keepers. One of these services is tBTC that bridges native assets. The...
The Apache HTTP server is constructed with modules, with 136 listed in the documentation and about half of those in normal use. To the author, there was a bad code smell: a giant request_rec...
Browsers can request any data via HTTP using JavaScript. From a website, it's possible to make requests to items on the local network, such as localhost. Should this be allowed? IP scanning and...
ControlLogix 1756 is a series of programmable automation controllers from Rockwell for highly scalable industrial automation. This device is a chassis component that serves as the enclosure for...