Articles from ESET

BRATISLAVA, Slovakia, Nov. 07, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced a new major integration of its ESET PROTECT Platform with ConnectWise Asio, a modern remote monitoring and management (RMM) solution.

BRATISLAVA, Slovakia, Nov. 06, 2025 (GLOBE NEWSWIRE) -- ESET Research has released its latest APT Activity Report, which highlights activities of select APT groups that were documented by ESET researchers from April through September 2025. During the monitored period, China-aligned APT groups continued to advance Beijing’s geopolitical objectives. ESET observed increasing use of the adversary-in-the-middle technique for both initial access and lateral movement in what appears to be a response to the Trump administration’s strategic interest in Latin America and possibly influenced by the ongoing US-China power struggle. The FamousSparrow group embarked on an attack on Latin America, targeting multiple governmental entities in the region. Across Europe, governmental entities remained a primary focus of cyberespionage by Russia-aligned APT groups as they intensified their operations against Ukraine and several European Union member states.

PRAGUE and BRATISLAVA, Slovakia, Oct. 23, 2025 (GLOBE NEWSWIRE) -- ESET researchers have recently observed a new instance of Operation DreamJob – a campaign that ESET tracks under the umbrella of North Korea-aligned Lazarus group – in which several European companies active in the defense industry were targeted. Some of these are heavily involved in the unmanned aerial vehicle (UAV / drones) sector, suggesting that the operation may be linked to North Korea’s current efforts to scale up its drone program. The in-the-wild attacks successively targeted three companies active in the defense sector in Central and Southeastern Europe. Initial access was almost certainly achieved via social engineering. The main payload deployed to the targets was ScoringMathTea, a remote-access trojan (RAT) that offers the attackers full control over the compromised machine. The suspected primary goal of the attackers was exfiltration of proprietary information and manufacturing know-how.

BRATISLAVA, Slovakia, Oct. 21, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announces its upgraded consumer offering, ESET HOME Security and its Small Office/Home Office (SOHO) offering, ESET Small Business Security. Launched earlier in 2025 for businesses and enterprises, today’s release makes ESET’s award-winning Ransomware Remediation feature available to consumers and SOHOs. ESET Ransomware Remediation seamlessly creates encrypted backups - enabling users to detect, block, and recover from ransomware attacks with minimal disruption.

MONTREAL and BRATISLAVA, Slovakia, Oct. 02, 2025 (GLOBE NEWSWIRE) -- ESET researchers have uncovered two Android spyware campaigns targeting individuals interested in secure communication apps, namely Signal and ToTok. These campaigns distribute malware through deceptive websites and social engineering and appear to target residents of the United Arab Emirates (UAE). ESET’s investigation led to the discovery of two previously undocumented spyware families: Android/Spy.ProSpy impersonates upgrades or plugins for the Signal app and the controversial and discontinued ToTok app, and Android/Spy.ToSpy impersonates the ToTok app. The ToSpy campaigns are ongoing, as suggested by C&C servers that remain active.

SAN DIEGO, Oct. 01, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, today released a new and improved version of its free ESET Basic Cybersecurity Awareness Training. The revamped Basic course introduces an immersive storyline, interactive modules, and refreshed content designed to empower employees to be the first line of defense and help organizations of all sizes reduce employee-related cyber risks.

PRAGUE and BRATISLAVA, Slovakia, Sept. 25, 2025 (GLOBE NEWSWIRE) -- ESET Research has released new findings on DeceptiveDevelopment, also known as Contagious Interview – a threat group aligned with North Korea that has grown increasingly active in recent years. The group is primarily focused on cryptocurrency theft, targeting freelance developers across Windows, Linux, and macOS platforms. The newly published research paper traces the group’s evolution from early malware families to more advanced toolsets. These campaigns rely heavily on sophisticated social engineering tactics, including fake job interviews and the ClickFix technique, to deliver malware and exfiltrate cryptocurrency. ESET also analyzed open-source intelligence (OSINT) data that sheds light on the operations of North Korean IT workers involved in fraudulent employment schemes and their ties to DeceptiveDevelopment. These findings are being presented today at the annual Virus Bulletin (VB) Conference.

MONTREAL and BRATISLAVA, Slovakia, Sept. 19, 2025 (GLOBE NEWSWIRE) -- ESET Research has uncovered the first known cases of collaboration between Gamaredon and Turla. Both threat groups are associated with the main Russian intelligence agency, the FSB, and in tandem attacked high-profile targets in Ukraine. On the affected machines, Gamaredon deployed a wide range of tools, and on one of those machines, Turla was able to issue commands via Gamaredon implants.

San Diego-based tech company to debut interactive gameday experiences and invest in future-ready career development programs for Aztec student-athletes

San Diego-based tech company to debut interactive gameday experiences and invest in future-ready career development programs for Aztec student-athletes

BRATISLAVA, Slovakia, Sept. 12, 2025 (GLOBE NEWSWIRE) -- ESET Research has discovered a HybridPetya bootkit and ransomware uploaded from Poland to the malware-scanning platform VirusTotal. The sample is a copycat of the infamous Petya/NotPetya malware; however, it adds the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems.

Stellar Cyber and ESET partner for booth crawl, pizza oven giveaways and sushi social evening

BRATISLAVA, Slovakia, Sept. 04, 2025 (GLOBE NEWSWIRE) -- ESET Research has discovered a new threat actor, which it has named GhostRedirector. In June 2025, this threat actor compromised at least 65 Windows servers, mainly in Brazil, Thailand, Vietnam, and the United States. Other victims were located in Canada, Finland, India, the Netherlands, the Philippines, and Singapore. GhostRedirector used two previously undocumented, custom tools: a passive C++ backdoor that ESET has named Rungan, and a malicious Internet Information Services (IIS) module it has named Gamshen. GhostRedirector is very likely a China-aligned threat actor. While Rungan has the capability of executing commands on a compromised server, the purpose of Gamshen is to provide SEO fraud as-a-service to manipulate Google search engine results, boosting the page ranking of a configured target website. Its purpose is to artificially promote various gambling websites.

BRATISLAVA, Slovakia, Aug. 27, 2025 (GLOBE NEWSWIRE) -- ESET researchers have uncovered a new type of ransomware that leverages generative artificial intelligence (GenAI) to execute attacks. Named PromptLock, the malware runs a locally accessible AI language model to generate malicious scripts in real time. During infection, the AI autonomously decides which files to search, copy, or encrypt — marking a potential turning point in how cybercriminals operate.

BRATISLAVA, Slovakia, Aug. 11, 2025 (GLOBE NEWSWIRE) -- ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in Europe and Canada. The aim of the attacks was cyberespionage. This is at least the third time that RomCom has been caught exploiting a significant zero-day vulnerability in the wild.

SAN DIEGO, Calif., Aug. 07, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, announced today that CRN®, a brand of The Channel Company, has named ESET PROTECT Elite a winner in the 2025 CRN Tech Innovator Awards for the Endpoint Protection/Extended Detection and Response Security category. The annual CRN Tech Innovator Awards spotlight innovative technology vendors across 33 categories, including storage, networking, and security, that are driving progress across the IT channel.

Industry-leading expertise helps businesses qualify for cyber insurance and secure discounts on risk-reducing Managed Detection and Response (MDR)

PRAGUE and BRATISLAVA, Slovakia, July 15, 2025 (GLOBE NEWSWIRE) -- ESET Research is releasing its analysis of AsyncRAT — a remote access tool (RAT) designed to remotely monitor and control other devices. Over the years, AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of its variants and forks (customized and improved versions of the original tool). The published analysis provides an overview of the most relevant forks of AsyncRAT, drawing connections between them and showing how they have evolved.

BRATISLAVA, Slovakia, July 02, 2025 (GLOBE NEWSWIRE) -- ESET Research has released a white paper about Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed across the previous year. Gamaredon, attributed by the Security Service of Ukraine (SSU) to the 18th Center of Information Security of Russia’s Federal Security Service (FSB), has targeted Ukrainian governmental institutions since at least 2013. In 2024, Gamaredon exclusively attacked Ukrainian institutions. ESET’s latest research shows that the group remains highly active, consistently targeting Ukraine, but has notably adapted its tactics and tools. The group’s objective is cyberespionage aligned with Russian geopolitical interests. Last year, the group significantly increased the scale and frequency of spearphishing campaigns, employing new delivery methods, and one attack payload was used solely to spread Russian propaganda.

SAN DIEGO and TORONTO, June 30, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, is proud to announce the winners of its tenth annual Women in Cybersecurity Scholarship. Selected from a highly competitive pool of applicants across the US and Canada, the ten scholarship recipients impressed the review panel with their academic achievements, passion for cybersecurity, and commitment to making a positive impact in STEM fields.

BRATISLAVA, Slovakia, June 26, 2025 (GLOBE NEWSWIRE) -- ESET has released its latest Threat Report, which summarizes threat landscape trends seen in ESET telemetry and from the perspective of both ESET threat detection and research experts, from December 2024 through May 2025. One of the most striking developments this period was the emergence of ClickFix, a new, deceptive attack vector that skyrocketed by over 500% compared to H2 2024 in ESET telemetry. This makes it one of the most rapidly rising threats, accounting for nearly 8% of all blocked attacks in H1 2025 and is now the second most common attack vector after phishing.

BRATISLAVA, Slovakia, June 17, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, is proud to announce its recognition as the Customers’ Choice in the 2025 Gartner® Peer Insights™ “Voice of the Customer” report1 for Endpoint Protection Platforms, in the category of Organizations with Annual Revenue between 50M - 1B USD. This distinction reflects the positive feedback and high satisfaction ratings from verified end users who rely on ESET´s solutions to defend against evolving cyber threats.

MONTREAL and BRATISLAVA, Slovakia, June 05, 2025 (GLOBE NEWSWIRE) -- The Iran-aligned threat group BladedFeline has targeted Kurdish and Iraqi government officials in a recent cyber-espionage campaign, according to ESET researchers. The group deployed a range of malicious tools discovered within the compromised systems, indicating a continued effort to maintain and expand access to high-ranking officials and government organizations in Iraq and the Kurdish region. The latest campaign highlights BladedFeline’s evolving capabilities, featuring two tunneling tools (Laret and Pinar), various supplementary tools, and, most notably, a custom backdoor Whisper and a malicious Internet Information Services (IIS) module PrimeCache, both identified and named by ESET.

SAN DIEGO, June 02, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, today announced that Ryan Grant has been promoted to Country Manager for US and Canada, effective June 1. Reporting to Palo Balaj, Chief Business Officer at ESET, Grant will provide leadership across sales and marketing functions, lead team development and market engagement, support operational alignment with ESET’s global headquarters, and represent ESET’s North America business.

PRAGUE and BRATISLAVA, Czech Republic, May 22, 2025 (GLOBE NEWSWIRE) -- ESET has participated in a major infrastructure disruption of the notorious infostealer, Danabot, by the US Department of Justice, the FBI, and US Department of Defense’s Defense Criminal Investigative Service. U.S. agencies were working closely with Germany’s Bundeskriminalamt, the Netherlands' National Police, and the Australian Federal Police. ESET took part in the effort alongside Amazon, CrowdStrike, Flashpoint, Google, Intel471, PayPal, Proofpoint, Team Cymru and Zscaler. ESET Research, which has been tracking Danabot since 2018, contributed assistance that included providing technical analysis of the malware and its backend infrastructure, as well as identifying Danabot’s C&C servers. During that period, ESET analyzed various Danabot campaigns all over the world, with Poland, Italy, Spain and Turkey historically being one of the most targeted countries. The joint takedown effort also led to the identification of individuals responsible for Danabot development, sales, administration, and more.

PRAGUE and BRATISLAVA, Slovakia, May 21, 2025 (GLOBE NEWSWIRE) -- ESET has collaborated with Microsoft, BitSight, Lumen, Cloudflare, CleanDNS, and GMO Registry in a global disruption operation against Lumma Stealer, an infamous Malware-as-a-Service infostealer. The operation targeted Lumma Stealer infrastructure, specifically all known C&C servers of the past year, making the botnet, in large part, inoperative.

MONTREAL and BRATISLAVA, Slovakia, May 20, 2025 (GLOBE NEWSWIRE) -- ESET researchers have uncovered a Russia-aligned espionage operation, which ESET named RoundPress, targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned Sednit (also known as Fancy Bear or APT28) cyberespionage group, holding the ultimate goal of stealing confidential data from specific email accounts. Most of the targets are related to the current war in Ukraine; they are either Ukrainian governmental entities or defense companies in Bulgaria and Romania. Notably, some of these defense companies are producing Soviet-era weapons to be sent to Ukraine. Other targets include African, EU, and South American governments.

BRATISLAVA, Slovakia, May 20, 2025 (GLOBE NEWSWIRE) -- ESET Research has released its latest APT Activity Report, which highlights activities of select APT groups that were documented by ESET researchers from October 2024 through March 2025. During the monitored period, Russia-aligned threat actors, notably Sednit and Gamaredon, maintained aggressive campaigns primarily targeting Ukraine and EU countries. Ukraine was subjected to the greatest intensity of cyberattacks against the country’s critical infrastructure and governmental institutions. The Russia-aligned Sandworm group intensified destructive operations against Ukrainian energy companies, deploying a new wiper named ZEROLOT. China-aligned threat actors continued engaging in persistent espionage campaigns with a focus on European organizations.

SAN DIEGO, May 02, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, is proud to announce that ESET Ransomware Remediation has won a 2025 SC Award for Best Business Continuity, Disaster, Ransomware Recovery Solution. Presented on April 29 during the SC Awards Reception at RSAC™ 2025, this award recognizes ESET’s advanced Ransomware Remediation technology and its pivotal role in helping organizations mitigate ransomware threats and recover swiftly from attacks. The SC Awards program, now in its 28th year, recognizes the solutions, organizations, and individuals that have demonstrated outstanding achievement in advancing the security of information systems.

SAN DIEGO, April 30, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, is warning organizations to stay alert as “EDR killers” - tools designed to disable Endpoint Detection and Response (EDR) solutions- grow more accessible and more widely used by ransomware affiliates. While not a new threat, these tools are becoming easier to deploy, making them relevant for enterprises and mid-sized organizations alike.

SAN DIEGO, April 30, 2025 (GLOBE NEWSWIRE) -- ESET researchers have analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks by the China-aligned threat actor TheWizards. Spellbinder enables adversary-in-the-middle attacks through IPv6 stateless address autoconfiguration spoofing, which allows the attackers to redirect the update protocols of legitimate Chinese software to malicious servers. Then the legitimate software is tricked into downloading and executing the malicious components that launch the backdoor WizardNet.

BRATISLAVA, Slovakia, April 29, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced the availability of ESET PROTECT solutions in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. ESET customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined deployment and management. 

SAN FRANCISCO, April 28, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced a new major integration of its ESET Endpoint Management Platform (ESET PROTECT) with Splunk, a leading security information and event management (SIEM) platform.

SAN DIEGO, April 24, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced its participation in the upcoming RSAC ™ Conference in San Francisco from April 28-May 1, 2025. On May 1 at 9:40am PT, ESET Malware Researcher Robert Lipovský will lead a session titled, “Typhoons? Bears? Ransomware Gangs? Threats That Keep Defenders Up at Night.” The session will examine the latest tactics, techniques and procedures (TTPs) of leading threat groups—including Salt Typhoon’s telco attacks, Russian campaigns by Sandworm and Gamaredon targeting Signal, and RansomHub’s use of EDR killers—exploring what unites them, how they innovate, and what defenders should watch for next.

BRATISLAVA, Slovakia, April 22, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced the launch of another major integration, this time, with the Kaseya VSA X remote monitoring and management (RMM) software.

BRATISLAVA, Slovakia, April 22, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, is continuing to increase its number of integrations, this time, by connecting with Wazuh, a popular open-source security platform.

LAS VEGAS, April 02, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, is growing its Corporate Solutions business in North America with the appointment of Charles (Chuck) Everette as Field Chief Information Security Officer (CISO). Following the recent appointment of ESET’s global Chief Corporate Solutions Officer Martin Talian, today’s news marks a significant milestone as the division looks to rapidly gain further traction in North America.

LAS VEGAS, April 01, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, released new updates for the ESET PROTECT Platform, including Ransomware Remediation, a new way to prevent ransomware encryption from causing long-term business disruption, as well as new functionalities for ESET Cloud Office Security and the ESET AI Advisor. These new cybersecurity features were launched at ESET World 2025, which took place in Las Vegas from March 24 to 26, 2025, at the ARIA Resort & Casino.

LAS VEGAS, April 01, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, has expanded its award-winning Cyber Threat Intelligence services, including new feeds and APT Report tiers. ESET’s offerings address modern cybersecurity needs with features like APT monitoring, threat hunting, and built-in AI that automates threat investigation. Announced at ESET World 2025 in Las Vegas, ESET enhanced its services to accommodate the requirements of companies of all sizes that now view threat intelligence as an essential component of a next-gen, prevention-focused cybersecurity stack.

SAN DIEGO, March 07, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, today announced the tenth anniversary of its Women in Cybersecurity North American Scholarship originally launched in 2016 to support and empower women pursuing careers in cybersecurity. For a decade, ESET North America has encouraged and uplifted women to pursue careers in cybersecurity, offering financial assistance to help achieve their aspirations. In solidarity with the 2025 International Women’s Day’s #AccelerateAction theme, the Women in Cybersecurity North American Scholarship program expands its scope with additional awards, enhanced evaluation criteria, and a renewed focus on recognizing both technical excellence and emerging potential.

SAN DIEGO, Calif., Feb. 27, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, today announced a collaboration with the Cyber Center of Excellence (CCOE) and the Boys & Girls Clubs of Greater San Diego (BGCGSD) to provide an opportunity for San Diego middle school youth to learn about cybersecurity skills, safety, risks and potential careers the field.

SAN DIEGO, Feb. 19, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity, today announced that CRN®, a brand of The Channel Company, has named Ryan Grant, Senior Vice President of Sales and Marketing, to its 2025 CRN® Channel Chiefs list. This list recognizes the executives who are driving strategy, setting the channel agenda for their companies and working tirelessly to ensure mutual success with their partners and customers. 2025 marks the third year in a row that Grant has been named a Channel Chief.

BRATISLAVA, Slovakia, Jan. 31, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, is proud to announce that ESET HOME Security Essential has been named AV-Comparatives' Product of the Year for 2024. This prestigious award recognizes ESET HOME Security Essential for Windows for its outstanding performance and reliability in protecting consumers against a wide range of cyber threats.