Eset Archives - Security Affairs

Pierluigi Paganini April 10, 2025

An APT group exploited ESET flaw to execute malware

At least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures. Kaspersky researchers reported that an APT group, tracked as ToddyCat, has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security. The vulnerability, tracked as CVE-2024-11859, is a DLL Search Order Hijacking issue that potentially allow […]

Pierluigi Paganini September 23, 2024

ESET fixed two privilege escalation flaws in its products

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems. Cybersecurity firm ESET released security patches for two local privilege escalation vulnerabilities impacting Windows and macOS products. The first vulnerability, tracked as CVE-2024-7400 (CVSS score of 7.3), could allow an attacker to misuse ESET’s file operations during the removal […]

Pierluigi Paganini February 18, 2024

ESET fixed high-severity local privilege escalation bug in Windows products

Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 (CVSS score 7.8), in its Windows products. The vulnerability is a local privilege escalation issue that was submitted to the company by the Zero Day Initiative (ZDI). According to the advisory, […]

Pierluigi Paganini December 21, 2023

ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products

ESET fixes a high-severity flaw in Secure Traffic Scanning Feature that could have been exploited to cause web browsers to trust sites that should not be trusted. ESET has addressed a vulnerability (CVE-2023-5594, CVSS score 7.5) in the Secure Traffic Scanning Feature, preventing potential exploitation that could lead web browsers to trust websites using certificates […]

Pierluigi Paganini February 02, 2022

ESET releases fixes for local privilege escalation bug in Windows Applications

Antivirus firm ESET addressed a local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. Antivirus firm ESET released security patches to address a high severity local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. An attacker can exploit the vulnerability to misuse the AMSI scanning feature to elevate privileges in specific scenarios. “According […]

Pierluigi Paganini September 03, 2017

Google removed almost 300 Android apps involved in DDoS attack

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with […]

Pierluigi Paganini July 06, 2016

Espionage SBDH Toolkit used to target European Countries

ESET security firm has uncovered an espionage toolkit dubbed SBDH that was used in espionage campaigns targeting government organizations in Europe. Security experts from ESET security firm have spotted an espionage toolkit dubbed SBDH that was used by threat actors in hacking operations targeting government organizations in Europe. The research observed infections in many countries, including […]

Pierluigi Paganini December 24, 2015

Roaming Tiger Hackers targets Russian organizations for espionage

Security researchers from ESET uncovered the Roaming Tiger hacking campaign, bad actors in the wild are targeting Russian organizations. Roaming Tiger is the name of a cyber espionage campaign targeting high profile organizations in Russia and former Soviet Union countries, including Belarus, Kazakhstan, Kyrgyzstan, Tajikistan, Ukraine, and Uzbekistan. The Roaming Tiger campaign was discovered by experts at […]

Pierluigi Paganini August 02, 2015

Operation Potao – hackers used a trojanized version of TrueCrypt

ESET issued a report on a cyber espionage campaign dubbed Operation Potao that relied on the diffusion of a trojanized Russian language version of TrueCrypt. Despite TrueCrypt development was mysteriously interrupted last year, the popular open-source encryption tool still represents the ideal choice for individuals that need to encrypt their data. Recently ESET published an interesting report […]

Pierluigi Paganini May 27, 2015

Linux-based Moose worm turns routers into social network bots

Linux/Moose is a malware family that targets Linux-based consumer routers turning them into social network bots to use for illegal activities. ESET released a study about a new malware known as Moose worm that is compromising devices that have a weak or default credentials. The principal target of the Moose worm are the linux-based routers, […]

Eset

An APT group exploited ESET flaw to execute malware

ESET fixed two privilege escalation flaws in its products

ESET fixed high-severity local privilege escalation bug in Windows products

ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products

ESET releases fixes for local privilege escalation bug in Windows Applications

Google removed almost 300 Android apps involved in DDoS attack

Espionage SBDH Toolkit used to target European Countries

Roaming Tiger Hackers targets Russian organizations for espionage

Operation Potao – hackers used a trojanized version of TrueCrypt

Linux-based Moose worm turns routers into social network bots

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

QUICK LINKS

Eset

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!