vulnerability

ESET Discovers UEFI Secure Boot Bypass Vulnerability

January 20, 2025

Editor

ESET researchers have discovered a vulnerability, affecting the majority of UEFI-based systems, that allows actors to bypass UEFI Secure Boot. This vulnerability, assigned CVE-2024-7344, was found in a UEFI application signed by Microsoft’s “Microsoft Corporation

Cyber Security

ESET Research Uncovers Vulnerability in WPS Office for Windows

September 6, 2024

Editor

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). It was being exploited by APT-C-60, a South Korea-aligned cyberespionage group, to target East Asian countries.

News

ESET Discovered Zero-Day Exploit, EvilVideo Targeting Telegram App

July 23, 2024

Editor

ESET researchers has discovered a zero-day exploit, which targets the Telegram app for Android, that appeared for sale for an unspecified price in an underground forum post from June 2024. Using the exploit to abuse a vulnerability that ESET named “EvilVideo,” attackers

Positive Technologies Helps To Fix Dangerous Vulnerability In Popular Videoconferencing Service Yealink

Cyber Security

Positive Technologies Helps To Fix Dangerous Vulnerability In Yealink

January 30, 2024

Deepak

Yealink has thanked Positive Technologies for discovering the critical vulnerability BDU:2024-00482 in its Yealink Meeting Server videoconferencing system. Yealink is a prominent VoIP provider and is among five major online conferencing vendors. Its products are used in 140 countries. The vendor was notified of the threat per the responsible disclosure policy and released a software patch. PT SWARM experts found that an adversary who compromised Yealink Meeting Server at the external perimeter could develop the attack on the LAN if the latter lacked an adequately set […]

Cyber Security

ESET to highlight its latest research at Black Hat USA 2020

August 6, 2020

Editor

ESET, will highlight its latest research during Black Hat USA 2020. ESET researchers Robert Lipovský, Štefan Svorenčík and Vladislav Hrčka will present this today, on “KrØØk: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices” and “Stantinko Deobfuscation Arsenal.”

Cyber Security

ESET discovers a previously unknown vulnerability, Kr00k

March 3, 2020

Editor

ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers.

Renaud Deraison, co-founder and chief technology officer, Tenable

Industrial Security

Vulnerability discovered in Siemens Critical Infrastructure Design software

July 10, 2019

Editor

Tenable, today announced its research team discovered a critical vulnerability in Siemens STEP 7 TIA Portal, design and automation software for industrial control systems (ICS). The vulnerability, which impacts the same family of devices compromised in the STUXNET attack,

Expert Corner

How to Avoid Falling for Online Betting Scams

January 30, 2025

Howsick

Phil Muncaster, guest writer at ESET, emphasizes don’t roll the dice on your online safety – watch out for bogus sports betting apps and other traps commonly set by scammers

Share this video