An APT group exploited ESET flaw to execute malware – Source: securityaffairs.com https://ciso2ciso.com/an-apt-group-exploited-eset-flaw-to-execute-malware-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #ToddyCatAPT #Security #hacking #BYOVD #eset #APT

An #APT group exploited #ESET flaw to execute #malware
https://securityaffairs.com/176364/security/an-apt-group-exploited-eset-flaw-to-execute-malware.html
#securityaffairs #hacking

#ToddyCat: #Malware nutzt Sicherheitsleck in Antivirensoftware | Security https://www.heise.de/news/ToddyCat-Malware-nutzt-Sicherheitsleck-in-Antivirensoftware-10344279.html #Eset #Patchday

https://www.europesays.com/de/18530/ ToddyCat: Malware nutzt Sicherheitsleck in Antivirensoftware #Antivirus #Deutschland #Eset #Germany #IT #Kaspersky #Malware #Science #Science&Technology #Security #Sicherheitslücken #Sicherheitsupdates #Technik #Technology #Virus #Wissenschaft #Wissenschaft&Technik

Join #ESETresearch and our very own @matthieu_faou during #Northsec conference in Montreal for “Weaponizing XSS: Cyberespionage tactics in webmail exploitation” talk. Learn how XSS vulnerabilities let attackers inject malicious scripts into webmails.
#ESET team spent 2 years studying these vulnerabilities in webmail portals, finding zero-day flaws in Roundcube & MDaemon. Discover how Russia-aligned Sednit, GreenCube, and Belarus-aligned Winter Vivern exploited XSS flaws in Roundcube, Zimbra,MDaemon & Horde to steal emails from high-value targets.
Don't miss the presentation on May 15 at 13:45 Montreal time. #CyberSecurity #Infosec https://nsec.io/session/2025-weaponizing-xss-cyberespionage-tactics-in-webmail-exploitation.html

ESET Vulnerability Exploited for Stealthy Malware Execution https://www.securityweek.com/eset-vulnerability-exploited-for-stealthy-malware-execution/ #Vulnerabilities #vulnerability #exploited #ToddyCat #ESET

ESET Vulnerability Exploited for Stealthy Malware Execution https://www.securityweek.com/eset-vulnerability-exploited-for-stealthy-malware-execution/ #Vulnerabilities #vulnerability #exploited #ToddyCat #ESET

Android financial threats: What businesses need to know to protect themselves and their customers https://www.helpnetsecurity.com/2025/03/28/android-financial-threats/ #financialindustry #Expertanalysis #authentication #cryptocurrency #cybersecurity #onlinebanking #Expertcorner #Don'tmiss #Hotstuff #Android #opinion #threats #News #ESET

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool https://www.helpnetsecurity.com/2025/03/26/ransomhub-edrkillshifter-tool/ #ransomware #cybercime #research #News #ESET

China-linked FamousSparrow APT group resurfaces with enhanced capabilities https://www.helpnetsecurity.com/2025/03/26/famoussparrow-cyberespionage-attacks-united-states/ #cybersecurity #cybercrime #Don'tmiss #research #China #News #ESET #APT #USA

Operation FishMedley targeting governments, NGOs, and think tanks

ESET researchers have uncovered a global espionage operation called Operation FishMedley, conducted by the FishMonger APT group, which is operated by the Chinese contractor I-SOON. The campaign targeted governments, NGOs, and think tanks across Asia, Europe, and the United States during 2022. The attackers used implants like ShadowPad, SodaMaster, and Spyder, which are common or exclusive to China-aligned threat actors. The operation involved sophisticated tactics including lateral movement, credential theft, and custom malware deployment. Seven victims were identified across various countries and sectors. The analysis provides technical details on the malware used, initial access methods, and command and control infrastructure.

Pulse ID: 67dd406f6ba9eecd280aa95e
Pulse Link: https://otx.alienvault.com/pulse/67dd406f6ba9eecd280aa95e
Pulse Author: AlienVault
Created: 2025-03-21 10:33:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Threat Actor Claims Access to UAE Power Company’s Network https://dailydarkweb.net/threat-actor-claims-access-to-uae-power-companys-network/ #UnauthorizedAccesses #infrastructure #ZeroSevenGroup #watersystems #electric #Company #access #ESET #UAE #C2

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday – Source: krebsonsecurity.com https://ciso2ciso.com/microsoft-6-zero-days-in-march-2025-patch-tuesday-source-krebsonsecurity-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #KrebsonSecurity #KrebsOnSecurity #CVE-2025-24983 #CVE-2025-24984 #CVE-2025-24985 #CVE-2025-24991 #CVE-2025-24993 #CVE-2025-26633 #FilipJurčacko #SecurityTools #AdamBarnett #TimetoPatch #Rapid7 #eset

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/ #SecurityTools #FilipJurčacko #CVE202524983 #CVE202524984 #CVE202524985 #CVE202524991 #CVE202524993 #CVE202526633 #TimetoPatch #AdamBarnett #Rapid7 #ESET

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday - Microsoft today issued more than 50 security updates for its various Windows opera... https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/ #cve-2025-24983 #cve-2025-24984 #cve-2025-24985 #cve-2025-24991 #cve-2025-24993 #cve-2025-26633 #securitytools #filipjurčacko #timetopatch #adambarnett #rapid7 #eset

#Tecnologia Falso CapCut con IA, instala software espía #Virus #Software #ESET
https://enter504.com/falso-capcut-con-ia-instala-software-espia/

#eset #security @ESET @ESETresearch
https://www.eset.de/zero-trust-umfrage

Freelance Software Developers in North Korean Malware Crosshairs – Source: www.securityweek.com https://ciso2ciso.com/freelance-software-developers-in-north-korean-malware-crosshairs-source-www-securityweek-com/ #rssfeedpostgeneratorecho #DeceptiveDevelopment #CyberSecurityNews #Malware&Threats #securityweekcom #fakeITworkers #securityweek #NationState #NorthKorea #LinkedIn #AnyDesk #eset

Freelance Software Developers in North Korean Malware Crosshairs https://www.securityweek.com/freelance-software-developers-in-north-korean-malware-crosshairs/ #DeceptiveDevelopment #Malware&Threats #fakeITworkers #NationState #NorthKorea #LinkedIn #AnyDesk #ESET