Award-winning news, views, and insight from the ESET security community
Malware Researcher
ESET research
RomCom exploits Firefox and Windows zero days in the wild
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit
Damien Schaeffer and Romain Dumont • 26 Nov 2024 • 13 min. read
Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
ESET Research details the tools and activities of a new China-aligned threat actor, CeranaKeeper, focusing on massive data exfiltration in Southeast Asia
Romain Dumont • 02 Oct 2024 • 11 min. read
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
Demystifying CVE-2024-7262 and CVE-2024-7263
Romain Dumont • 28 Aug 2024 • 14 min. read
HotPage: Story of a signed, vulnerable, ad-injecting driver
A study of a sophisticated Chinese browser injector that leaves more doors open!
Romain Dumont • 18 Jul 2024 • 23 min. read
A dive into Turla PowerShell usage
ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only
Matthieu Faou and Romain Dumont • 29 May 2019 • 12 min. read
OceanLotus: macOS malware update
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users
Romain Dumont • 09 Apr 2019 • 6 min. read
Fake or Fake: Keeping up with OceanLotus decoys
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar
Romain Dumont • 20 Mar 2019 • 12 min. read
Phishing anniversary: Here’s a free $50/month subscription
Adidas “prize” used as bait in attempt to lure people into biting
Romain Dumont • 14 Jun 2018 • 8 min. read