3CX breach linked to previous supply chain compromise

Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now also know that: The source of the 3CX breach was a compromised installer for X… Continue reading 3CX breach linked to previous supply chain compromise

3CX Breach Was a Double Supply Chain Compromise

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks. Continue reading 3CX Breach Was a Double Supply Chain Compromise

Researchers discover sensitive corporate data on decommissioned routers

Looking at configuration data, 56% of decommissioned routers disposed of and sold on the secondary market contained sensitive corporate data, according to ESET. Of the networks that had complete configuration data available: 22% contained customer data… Continue reading Researchers discover sensitive corporate data on decommissioned routers

Data loss prevention company hacked by Tick cyberespionage group

ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, compromising both the internal update servers and third-party tools utilized … Continue reading Data loss prevention company hacked by Tick cyberespionage group

China-aligned APT is exploring new technology stacks for malicious tools

ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. This backdoor is part of an ongoing campaign that ESET can trace back to early January 2023. Execution graph showing the subpro… Continue reading China-aligned APT is exploring new technology stacks for malicious tools

BlackLotus UEFI bootkit disables Windows security mechanisms

ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the bootkit and its features make researchers believe that it is a threat known a… Continue reading BlackLotus UEFI bootkit disables Windows security mechanisms

ESET’s threat intelligence services provide organisation with guidance on potential risks

ESET has launched its threat intelligence services, designed to extend an organizations’ security intelligence. These new commercially available reports provide deeper insights and actionable guidance from ESET’s renowned global research te… Continue reading ESET’s threat intelligence services provide organisation with guidance on potential risks

The impact of Russia’s Ukraine invasion on digital threats

Russia’s invasion of Ukraine continues to have a major impact on energy prices, inflation, and cyberthreats, with the ransomware scene experiencing some of the biggest shifts, according to ESET. “The ongoing war in Ukraine has created a div… Continue reading The impact of Russia’s Ukraine invasion on digital threats

A glut of wiper malware hits Ukrainian targets

ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. Simultaneously, the Ukranian CERT has confirmed that the attackers who recently aime… Continue reading A glut of wiper malware hits Ukrainian targets