Pierluigi Paganini February 18, 2024
ESET fixed high-severity local privilege escalation bug in Windows products

Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 (CVSS score 7.8), in its Windows products. The vulnerability is a local privilege escalation issue that was submitted to the company by the Zero Day Initiative (ZDI). According to the advisory, […]

Pierluigi Paganini December 21, 2023
ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products

ESET fixes a high-severity flaw in Secure Traffic Scanning Feature that could have been exploited to cause web browsers to trust sites that should not be trusted. ESET has addressed a vulnerability (CVE-2023-5594, CVSS score 7.5) in the Secure Traffic Scanning Feature, preventing potential exploitation that could lead web browsers to trust websites using certificates […]

Pierluigi Paganini February 02, 2022
ESET releases fixes for local privilege escalation bug in Windows Applications

Antivirus firm ESET addressed a local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. Antivirus firm ESET released security patches to address a high severity local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. An attacker can exploit the vulnerability to misuse the AMSI scanning feature to elevate privileges in specific scenarios. “According […]

Pierluigi Paganini September 03, 2017
Google removed almost 300 Android apps involved in DDoS attack

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with […]

Pierluigi Paganini July 06, 2016
Espionage SBDH Toolkit used to target European Countries

ESET security firm has uncovered an espionage toolkit dubbed SBDH that was used in espionage campaigns targeting government organizations in Europe. Security experts from ESET security firm have spotted an espionage toolkit dubbed SBDH that was used by threat actors in hacking operations targeting government organizations in Europe. The research observed infections in many countries, including […]

Pierluigi Paganini December 24, 2015
Roaming Tiger Hackers targets Russian organizations for espionage

Security researchers from ESET uncovered the Roaming Tiger hacking campaign, bad actors in the wild are targeting Russian organizations. Roaming Tiger is the name of a cyber espionage campaign targeting high profile organizations in Russia and former Soviet Union countries, including Belarus, Kazakhstan, Kyrgyzstan, Tajikistan, Ukraine, and Uzbekistan. The Roaming Tiger campaign was discovered by experts at […]

Pierluigi Paganini August 02, 2015
Operation Potao – hackers used a trojanized version of TrueCrypt

ESET issued a report on a cyber espionage campaign dubbed Operation Potao that relied on the diffusion of a trojanized Russian language version of TrueCrypt. Despite TrueCrypt development was mysteriously interrupted last year, the popular open-source encryption tool still represents the ideal choice for individuals that need to encrypt their data. Recently ESET published an interesting report […]

Pierluigi Paganini May 27, 2015
Linux-based Moose worm turns routers into social network bots

Linux/Moose is a malware family that targets Linux-based consumer routers turning them into social network bots to use for illegal activities. ESET released a study about a new malware known as Moose worm that is compromising devices that have a weak or default credentials. The principal target of the Moose worm are the linux-based routers, […]

Pierluigi Paganini April 10, 2015
Operation Buhtrap: New Spyware is targeting Russian Banking Sector

ESET has discovered a new hacking campaign dubbed Operation Buhtrap based on a family of spyware targeting vulnerabilities within the Russian Windows System. Late in 2014 analysts at ESET uncovered CVE-2012-0158, a buffer overflow vulnerability in the ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library.  This particular malicious code can be activated by a […]

Pierluigi Paganini January 12, 2015
Hackers running Linux Operation Windigo are changing tactics targeting porn sites

Security Experts at ESET firm discovered that Windigo campaign is still active and that bad actors are changing their tactics to remain under the radar. Windigo is a sophisticated malware-based campaign uncovered by security Experts at ESET in March 2014, hackers behind the campaign that exploited the Linux/Ebury backdoor compromising more than 500,000 computers and 25,000 dedicated servers. The […]