Russian charged by U.S. for creating RedLine infostealer malware

October 29, 2024 at 09:07AM The U.S. has charged Russian national Maxim Rudometov, described as a key figure behind the RedLine infostealer operation, which stole credentials and financial data from infected machines. As part of an international crackdown, authorities disrupted the malware platform and arrested two people in Belgium. Rudometov faces multiple charges carrying a combined maximum sentence of 35 years in prison. … Read more

ESET Distributor’s Systems Abused to Deliver Wiper Malware 

October 21, 2024 at 09:16AM ESET is investigating an incident in which the systems of one of its product distributors in Israel were abused to send emails carrying wiper malware. The details are reported in a post by SecurityWeek. … Read more

ESET partner breached to send data wipers to Israeli orgs

October 18, 2024 at 02:27PM Hackers breached ESET's Israeli partner and used the compromised eset.co.il domain to send phishing emails to businesses, disguising data wipers as antivirus software. Because the emails originated from the legitimate domain, they appeared authentic. The malicious files included legitimate DLLs alongside a harmful Setup.exe. The attack aimed to disrupt rather than to profit, reflecting the ongoing cyber threats facing organizations in Israel. … Read more

ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise

October 18, 2024 at 01:30PM ESET denies reports that its own platforms were compromised in a cyberattack that targeted Israeli customers with wiper malware. The company acknowledged a security incident involving a malicious email campaign, which it says was blocked quickly, and asserts that its technology remains secure while it continues to investigate the situation with its partner. … Read more

ESET denies it was compromised as Israeli orgs targeted with ‘ESET-branded’ wipers

October 18, 2024 at 07:08AM ESET has denied being compromised following reports of a wiper campaign originating from its infrastructure. An infosec researcher reported an email targeting cybersecurity professionals in Israel and linked it to a campaign by the pro-Palestine Handala group; ESET stated that it blocked the threat within ten minutes and is investigating the incident. … Read more

Hackers breach European air-gapped govt systems with custom malware

October 8, 2024 at 11:56AM The APT hacking group GoldenJackal breached air-gapped government systems in Europe using custom toolsets to steal sensitive data, including emails, encryption keys, and documents. The attacks occurred at least twice, targeting government and diplomatic entities for espionage. GoldenJackal also developed a new modular toolset to optimize covert operations. Multiple tools … Read more

GoldenJackal Targets Embassies and Air-Gapped Systems Using Malware Toolsets

October 8, 2024 at 06:07AM GoldenJackal, a little-known threat actor, has been linked to cyber attacks on embassies and governmental organizations. They aim to infiltrate air-gapped systems using bespoke toolsets. The attacks targeted a South Asian embassy in Belarus and a European Union government organization. The group has displayed advanced capabilities, using multiple malware families … Read more

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

October 2, 2024 at 12:15PM CeranaKeeper, a newly identified threat actor, has been conducting data exfiltration attacks in Southeast Asia and neighboring regions, targeting countries including Thailand, Myanmar, the Philippines, Japan, and Taiwan. Using backdoors that abuse legitimate cloud and file-sharing services for communication, the group demonstrates a relentless and creative approach, with an extensive custom toolset built for siphoning data at scale. ESET … Read more

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products

September 23, 2024 at 10:00AM ESET released patches for CVE-2024-7400, a high-severity local privilege escalation flaw in its Windows products that could be exploited through file deletion. The fix was distributed to customers automatically. The flaw affected multiple end-user and enterprise products. ESET also addressed CVE-2024-6654, a medium-severity issue that could be used to cause a denial of service in its macOS security products, with patches for Cyber Security … Read more

Cybersecurity Products Conking Out After macOS Sequoia Update

September 23, 2024 at 07:55AM macOS 15 Sequoia’s release has caused disruptions for cybersecurity software and network connectivity. Users reported issues with security solutions from CrowdStrike, ESET, Microsoft, and SentinelOne, as well as connectivity problems and browser malfunctions. Apple was aware of the problems, yet still released the update. Workarounds and risks have been suggested … Read more