Discover ESET

Our vision, values and technology.

Newsroom

Get the latest ESET updates.

Press releases

Company news at your fingertips.

Press contacts

Contact information for media and agencies.

Careers

Build a career with ESET.

ESET comes to RSA Conference 2021 with research on Android stalkerware and XP exploits

Next story

BRATISLAVA – May 14, 2021 – ESET will highlight its latest and as yet unpublished research during the RSA Conference 2021 taking place virtually during May 17-20. ESET researchers Jean-Ian Boutin, Zuzana Hromcová and Lukáš Štefanko will provide a deep dive into Windows XP exploits and Android stalkerware.

Both presentations will take place on the opening day of the conference on May 17. ESET researcher Lukáš Štefanko will address “Security: The Hidden Cost of Android Stalkerware” from 11:20 to 12:00 PDT (20:20 to 21:00 CEST). Stalkerware is used to spy on users by gathering, transmitting, and storing their personally identifiable information. ESET Research has discovered serious vulnerabilities in Android stalkerware apps, and their monitoring servers, that could result in serious user impact if exploited.

“Mobile stalkerware is a popular threat sold legally on various websites,” explains Štefanko. “Based on ESET telemetry, the number of detections of stalkerware in 2020 rose by 48% compared to 2019. I will cover more than 80 different families of Android stalkerware and focus on security issues and privacy flaws in their code.”

Immediately following Štefanko, Head of Threat Research at ESET Jean-Ian Boutin and ESET researcher Zuzana Hromcová will take the virtual stage with “Beyond Living-Off-the-Land: Why XP Exploits Still Matter” from 12:05 to 12:45 PDT (21:00 to 21:40 CEST). Living-Off-the-Land refers to a technique where attackers use legitimate, preinstalled tools to carry out their malicious operations. "This presentation will introduce evolution of this technique and explain how vulnerable binaries can be leveraged to replace the well-known and well-mapped living-off-the-land binaries", says Zuzana Hromcová. “A vulnerable Windows XP DLL can quickly turn incident response into a nightmare, even on non-XP machines. Learn from ESET’s experience and leverage our guidance to fortify your defenses against this emerging trend,” adds Jean-Ian Boutin.

To watch the presentations live, register at the RSA Conference 2021 website. Check the RSA agenda to find out which pass is the most accommodating to your interest.  

However, if you cannot join the event live, ESET will release a white paper during the RSA Conference on Android stalkerware by Lukáš Štefanko. Check out WeLiveSecurity where the piece will be published. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

 


About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. With solutions ranging from endpoint and mobile security to encryption, multi-factor authentication and endpoint detection and response, ESET’s high-performing, easy-to-use products unobtrusively protect and monitor 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an intelligent IT security company that enables the safe use of technology. This aim is backed by ESET’s R&D centers worldwide, working in support of our shared future. For more information, visit www.eset.com or follow us on LinkedInFacebook and Twitter.