Information

Since April 2024, Sednit’s advanced development team has reemerged with a modern toolkit centered on two paired implants, BeardShell and Covenant, each using a different cloud provider for resilience. This dual‑implant approach enabled long‑term surveillance of Ukrainian military personnel. Interestingly, these current toolsets show a direct code lineage to the group’s 2010‑era implants. Key points of this blogpost: ESET researchers traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where…

Read More

Business Security The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed Tomáš Foltýn 06 Mar 2026  •  , 5 min. read Cybersecurity is one of the few business functions where success is typically quiet. From the outside, it may even look uneventful. On the inside, however, it reflects a sequence of seemingly unremarkable processes and controls doing what they were designed…

Read More

Corporate IT and security teams have the unenviable task of keeping relentless and increasingly sophisticated adversaries at bay. They’re often faced with limited resources and expanding attack surfaces, but recruiting and retaining top-tier security professionals to run an in-house Security Operations Centre (SOC) is out of reach for many organizations. At the same time, threats continue to evolve and adversaries hone their techniques, leading to incidents that often grind business operations to a halt. To…

Read More

Business Security The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative? Phil Muncaster 04 Mar 2026  •  , 5 min. read For the education sector, cybersecurity isn’t just about preserving reputation and minimizing financial damage. It plays a critical role in protecting student wellbeing and ensuring every child and young adult fulfils their learning…

Read More

In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools 28 Feb 2026 With the second month of 2026 (almost) behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that moved the needle and offered vital lessons over the past four weeks. Here’s Tony’s rundown of some of what stood out in February 2026: Threat actors…

Read More

Mobile Security Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks. Phil Muncaster 27 Feb 2026  •  , 5 min. read App permissions are almost like an invisible sentry, governing what type of data and device access your apps get. If you’ve ever downloaded a new app or activated a new feature, the chances are you will…

Read More