
Mathieu Tartare

@mathieu.tarta.re

Malware Researcher at ESET

113 Followers  |  129 Following  |  2 Posts  |  Joined: 12.12.2023  |  1.7963

Latest posts by mathieu.tarta.re on Bluesky

Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset
ESET Research analyzes Gamaredon’s updated cyberespionage toolset, new stealth-focused techniques, and aggressive spearphishing operations observed throughout 2024.

#ESETresearch has conducted a comprehensive technical analysis of new malicious tools and significant updates observed in 2024 in the arsenal of the Russia-aligned #Gamaredon #APTgroup targeting Ukraine🇺🇦. www.welivesecurity.com/en/eset-rese... 1/9

02.07.2025 10:49 — 👍 11    🔁 8    💬 1    📌 0
Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war
ESET Research discovers Operation Texonto, a disinformation/psychological operations (PSYOPs) campaign that uses spam emails to demoralize Ukrainian citizens with disinformation messages about war-rel...

ESET’s Matthieu Faou exposed “Operation Texonto”, a pro-Russian disinformation operation aimed at Ukrainian speakers. He shared the full breakdown at #CYBERWARCON.

Watch his talk >> www.youtube.com/watch?v=X5lL...

Read the research >> www.welivesecurity.com/en/eset-rese...

#IO #Cybersecurity

25.06.2025 17:40 — 👍 7    🔁 8    💬 0    📌 0
Extending the domain of computation
Even in the roles that were more or less welcoming to them, is there still a place for non-scientists in the world…

"The mathematization of the world is a form of negation of the role and nature of humanity in that world. If everything becomes quantifiable, measurable, objectifiable, then everything becomes process, automation, data. Everything can potentially be entrusted to algorithms."

06.06.2025 06:28 — 👍 5    🔁 2    💬 0    📌 0

🚨 After several years spent working on cyber issues, I had for some time been nurturing the desire to get closer to the "field". That is now done: this week I have the privilege of joining @esetresearch.bsky.social as a Strategic Threat Intelligence Analyst!

16.05.2025 17:46 — 👍 2    🔁 1    💬 2    📌 0

Welcome aboard @alexis-rapin.bsky.social!

16.05.2025 19:06 — 👍 1    🔁 0    💬 0    📌 0
Operation RoundPress targeting high-value webmail servers
ESET researchers uncover a Russia-aligned espionage operation that they named RoundPress and that targets webmail servers via XSS vulnerabilities.

#ESETresearch publishes its investigation of Operation RoundPress, which uses XSS vulnerabilities to target high-value webmail servers. We attribute the operation to Sednit with medium confidence. www.welivesecurity.com/en/eset-rese... 1/5

15.05.2025 07:36 — 👍 13    🔁 12    💬 1    📌 0
TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
ESET researchers publish an analysis of Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks.

#ESETResearch analyzed the toolset of the China-aligned APT group that we have named #TheWizards. It can move laterally on compromised networks by performing adversary-in-the-middle (AitM) attacks to hijack software updates. www.welivesecurity.com/en/eset-rese... 1/6

30.04.2025 11:30 — 👍 20    🔁 12    💬 2    📌 0
Gamaredon: The Turncoat Spies Relentlessly Hacking Ukraine
For the past decade, this group of FSB hackers—including “traitor” Ukrainian intelligence officers—has used a grinding barrage of intrusion campaigns to make life hell for their former countrymen and ...

We at Wired put together six stories on lesser known hacker groups who have quietly become some of the most harmful in the world.

Case in point: The turncoat Ukrainian spies working for Russia who some analysts say are the top cyberespionage threat to Ukraine today. www.wired.com/story/gamare...

14.04.2025 21:00 — 👍 225    🔁 84    💬 5    📌 5
31.03.2025 15:23 — 👍 1    🔁 0    💬 0    📌 0
You will always remember this as the day you finally caught FamousSparrow
ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor.

In July 2024, #ESETresearch discovered that the China-aligned #FamousSparrow APT group, thought at the time to have been inactive since 2022, compromised the network of a US trade group and a Mexican research institute. www.welivesecurity.com/en/eset-rese... 1/5

26.03.2025 15:03 — 👍 13    🔁 11    💬 2    📌 1
Operation FishMedley targeting governments, NGOs, and think tanks
ESET Research is publishing its investigation of Operation FishMedley, a global espionage operation by the China-aligned APT group FishMonger.

#ESETresearch published its investigation of Operation FishMedley, a global espionage operation by the China-aligned APT group FishMonger. We identified seven victims – including governments, NGOs, and think tanks – across Asia, Europe, and the US.
www.welivesecurity.com/en/eset-rese... 1/3

20.03.2025 17:55 — 👍 10    🔁 7    💬 1    📌 0
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
ESET researchers uncovered MirrorFace activity that expanded beyond its usual focus on Japan and targeted a Central European diplomatic institute with the ANEL backdoor.

#ESETresearch has uncovered the #MirrorFace Operation AkaiRyū, which extends the group’s usual focus beyond Japan into Europe. The initial lure centered around Expo 2025 in Japan, compromising a Central European diplomatic institute. 1/8
www.welivesecurity.com/en/eset-rese...

18.03.2025 10:03 — 👍 9    🔁 11    💬 1    📌 0

If I had a dollar for every single time something is attributed vaguely to “Mustang Panda” I could buy a flat in London

14.02.2025 12:39 — 👍 22    🔁 4    💬 4    📌 1

An absolute must-read for anyone who wants to understand the sheer extent of the information #databrokers obtain about internet users.

#adint #cybercriminalité #sensibilisation

Thank you #LeMonde for this excellent article.

www.lemonde.fr/pixels/artic...

12.02.2025 16:45 — 👍 10    🔁 4    💬 3    📌 1
A Fork in the Road
AI is an excuse that allows those with power to operate at a distance from those whom their power touches.

"ChatGPT and other Large Language Models are not a decision-making technology, they are decision-removing technologies. They generate text, but most powerfully, they generate pretext."

Wonderful insight by @eryk.bsky.social, as usual.

mail.cyberneticforests.com/a-fork-in-th...

07.02.2025 07:04 — 👍 164    🔁 52    💬 6    📌 11
China: Chinese firm behind hacking operations against Uyghurs and Tibetans unveiled
Intelligence Online has established a link between a Chinese public security ministry contractor and recent IT hacking operations carried out in China and abroad against the two minorities, reviled

Intelligence Online links the MOONSHINE framework that we discussed in our Earth Minotaur report (www.trendmicro.com/en_us/resear...) to a Chinese company www.intelligenceonline.com/surveillance... (article is free but needs registration to access it). Happy new year UPSEC ! 😘

29.01.2025 10:08 — 👍 9    🔁 11    💬 1    📌 0

#ESETresearch discovered + named 🇨🇳 China-aligned #APT group #PlushDaemon who did a supply-chain compromise of a 🇰🇷 South Korean #VPN provider, trojanizing its legitimate software installer with a Windows backdoor we named #SlowStepper www.welivesecurity.com/en/eset-rese...
🧵1/6

22.01.2025 08:50 — 👍 17    🔁 15    💬 1    📌 2
JSAC202 conference logo.

Join #ESETresearch at #JSAC2025!
Facundo Munoz will talk about China-aligned PlushDaemon APT compromising the supply chain of a 🇰🇷 South Korean VPN. In 2024, several users downloaded a trojanized NSIS installer from the official website of a South Korean VPN company. 🧵 1/3

22.01.2025 00:54 — 👍 6    🔁 2    💬 1    📌 0
On Musk's S1eg He1l and its reflexive euphemization by the profession, here is what I wrote *a year and a half ago*.

The press is (for the most part) not ideologically equipped to identify supremacist violence among Western oligarchs.

www.arretsurimages.net/chroniques/c...

21.01.2025 06:03 — 👍 242    🔁 142    💬 12    📌 5
Trumpism, racist bias and ecological threat: "AI is not a technique, it is an ideology"
For technology critic Thibault Prévost, Trump's victory coincides with the moment when Silicon Valley billionaires impose artificial intelligence in the sph…

Trumpism, racist bias and ecological threat: "Artificial intelligence is not a technique, it is an ideology". Interview with the excellent Thibault Prévost (@wnstnsmith.bsky.social), a sharp technocritical pen
www.mediapart.fr/journal/inte...

19.01.2025 17:59 — 👍 58    🔁 30    💬 3    📌 3
The Anti-Social Century
Americans are now spending more time alone than ever. It’s changing our personalities, our politics, and even our relationship to reality.

"The media theorist Marshall McLuhan once said of technology that every augmentation is also an amputation. We chose our digitally enhanced world. We did not realize the significance of what was being amputated."

On the political economy of aloneness. Brilliant

www.theatlantic.com/magazine/arc...

14.01.2025 08:30 — 👍 4    🔁 2    💬 1    📌 0

🇷🇺 #DoubleTap Campaign: #Russia-nexus APT possibly related to #APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations

https://buff.ly/3WEwPG7

13.01.2025 10:53 — 👍 8    🔁 6    💬 1    📌 0
ESET Threat Report H2 2024
The H2 2024 issue of ESET Threat Report reviews the key trends and developments that shaped the threat landscape from June to November 2024.

ESET Threat Report H2 2024: New MaaS threats rising to prominence, a novel attack vector targeting mobile users, and deepfake scams flooding social media. Read more in the full report, out now
www.welivesecurity.com/en/eset-rese...
#ESETresearch

16.12.2024 15:17 — 👍 5    🔁 7    💬 0    📌 0
Century-Scale Storage
If you had to store something for 100 years, how would you do it?

"For century-scale storage, you aren’t fighting against mere mortal enemies—you’re waging a battle against the raging and unkind powers of geology, physics, and chemistry, not to mention the inexhaustible fallibility of humanity as a species."

Magnificent essay.

lil.law.harvard.edu/century-scal...

13.12.2024 05:56 — 👍 1    🔁 1    💬 0    📌 0

On December 11 and 12, 2024, a spearphishing campaign targeted at least 20 Autonomous System (AS) owners, predominantly Internet Service Providers (ISPs), and purported to come from the Network Operations Center (NOC) of a prominent European ISP.

🧵⤵️

12.12.2024 21:18 — 👍 18    🔁 12    💬 1    📌 5
Attack chain showing attacker generating link on Moonshine, then sending it through targeted application to the victim, which after clicking the links gets compromised and delivered the DarkNimbus backdoor

Validation flow that fingerprints the target by looking at user agent and delivering the proper exploit

Multiple Chrome vulnerabilities exploited in the third-party applications

List of Android applications being targeted
Most are very popular in South East Asia

Our latest report presents Earth Minotaur, a threat actor targeting Tibetans and Uyghurs using Moonshine, an exploitation framework for Android apps described in 2019 by @citizenlab.ca, leveraging vulnerabilities in applications embedding old versions of Chromium trendmicro.com/en_us/resear...

05.12.2024 08:48 — 👍 12    🔁 7    💬 0    📌 2
Bootkitty: Analyzing the first UEFI bootkit for Linux
ESET's discovery of the first UEFI bootkit designed for Linux sends an important message: UEFI bootkits are no longer confined to Windows systems alone.

#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. www.welivesecurity.com/en/eset-rese... 🧵

27.11.2024 08:34 — 👍 29    🔁 17    💬 1    📌 1
