Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-02-16 08:00:07 |
Spam and phishing in 2022 (direct link) |
Statistics on spam and phishing with the key trends in 2022: two-stage spear phishing, hijacking of social network and instant messaging accounts, import substitution, and survey phishing. |
Spam
|
|
★★★
|
|
2023-02-15 10:00:53 |
IoC detection experiments with ChatGPT (direct link) |
We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains. |
Threat
|
ChatGPT
|
★★
|
|
2023-02-10 10:00:33 |
Good, Perfect, Best: how the analyst can enhance penetration testing results (direct link) |
What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project? |
|
|
★★
|
|
2023-02-07 08:00:09 |
Web beacons on websites and in e-mail (direct link) |
Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and why. |
General Information
|
|
★★
|
|
2023-01-31 08:00:41 |
Prilex modification now targeting contactless credit card transactions (direct link) |
Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected device. |
Malware
|
|
★
|
|
2023-01-30 10:00:30 |
Come to the dark side: hunting IT professionals on the dark web (direct link) |
We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like. |
|
|
★★★
|
|
2023-01-23 10:00:08 |
What your SOC will be facing in 2023 (direct link) |
Supply chain and reoccurring attacks, data destruction, lack of staff - what challenges will your security operations center be facing in 2023? |
|
|
★★
|
|
2023-01-19 10:00:06 |
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022 (direct link) |
Roaming Mantis (a.k.a. Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o. |
Malware
|
|
★★★
|
|
2023-01-18 08:00:45 |
What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks (direct link) |
Kaspersky's predictions about the threats to corporations in 2023: media blackmail, fake leaks, cloud attacks, and more advanced ransomware. |
|
|
★★★
|
|
2023-01-09 10:38:33 |
How much security is enough? (direct link) |
A common perception in the infosec community is that there can never be too much security, but it is understood that "too much" security is expensive - and sometimes, prohibitively so - from a business perspective. So, where is that fine line that defines "just enough" security? |
|
|
★★★
|
|
2022-12-27 08:00:26 |
BlueNoroff introduces new methods bypassing MoTW (direct link) |
We continue to track the BlueNoroff group's activities and this October we observed the adoption of new malware strains in its arsenal. |
Malware
|
|
★★
|
|
2022-12-22 08:00:32 |
Ransomware and wiper signed with stolen certificates (direct link) |
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations. |
Ransomware
|
|
★★★
|
|
2022-12-19 16:15:49 |
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange (direct link) |
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell. |
|
|
★★★
|
|
2022-12-14 10:00:18 |
Reassessing cyberwarfare. Lessons learned in 2022 (direct link) |
In this report, we propose to go over the various activities that were observed in cyberspace in relation to the conflict in Ukraine, understand their meaning in the context of the current conflict, and study their impact on the cybersecurity field as a whole. |
|
|
★★★
|
|
2022-12-09 13:00:23 |
How to train your Ghidra (direct link) |
Brief introduction to setting up Ghidra, and then configuring it with a familiar UI and shortcuts, so that you would not need to re-learn all the key sequences you have got used to over the years. |
|
|
★★★
|
|
2022-12-08 10:00:49 |
DeathStalker targets legal entities with new Janicab variant (direct link) |
While hunting for less common DeathStalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020. |
|
|
★★★
|
|
2022-12-06 10:00:01 |
Main phishing and scamming trends and techniques (direct link) |
Phishing in social networks and messengers, marketplace fraud, exploitation of Google Forms and other services: we uncover what's trending among attackers in 2022. |
|
|
★★
|
|
2022-12-05 10:00:58 |
If one sheep leaps over the ditch… (direct link) |
In this report, Kaspersky researchers discuss propagation methods of several ransomware families, and a vulnerable driver abuse case that may become a trend. |
Ransomware
|
|
★★★
|
|
2022-12-02 08:00:07 |
Indicators of compromise (IOCs): how we collect and use them (direct link) |
How exactly can indicators of compromise help information security specialists in their everyday work? To find the answer we asked three Kaspersky experts to share their experience. |
|
|
★★★
|
|
2022-12-01 11:00:36 |
Kaspersky Security Bulletin 2022. Statistics (direct link) |
Key statistics for 2022: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. |
|
|
★★★
|
|
2022-11-28 08:00:47 |
Privacy predictions 2023 (direct link) |
We think the geopolitical and economic events of 2022, as well as new technological trends, will be the major factors influencing the privacy landscape in 2023. Here we take a look at the most important developments that, in our opinion, will affect online privacy in 2023. |
|
|
★★★
|
|
2022-11-28 08:00:24 |
Consumer cyberthreats: predictions for 2023 (direct link) |
Kaspersky consumer cyberthreat predictions: console shortage, scams related to new games and shows, cyberattacks in the metaverse, and threats related to online education. |
|
|
★★★
|
|
2022-11-25 08:00:07 |
Who tracked internet users in 2021–2022 (direct link) |
A review of Do Not Track (DNT) statistics for the most widely used web tracking services in 2021 and 2022. |
|
|
★★★★
|
|
2022-11-23 08:00:00 |
Black Friday shoppers beware: online threats so far in 2022 (direct link) |
Online shopping security threat statistics and trends in 2022: phishing, scams, banking Trojans - things that you should be aware of as the Black Friday sales are approaching. |
Threat
|
|
★★
|
|
2022-11-22 08:00:51 |
ICS cyberthreats in 2023 – what to expect (direct link) |
The coming year looks to be much more complicated. In the post we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision. |
Studies
|
|
★★★★
|
|
2022-11-22 08:00:30 |
Policy trends: where are we today on regulation in cyberspace? (direct link) |
This is the first edition of our policy analysis and observations of trends in the regulation of cyberspace, and cybersecurity, within the Kaspersky Security Bulletin. |
|
|
★★
|
|
2022-11-22 08:00:12 |
Crimeware and financial cyberthreats in 2023 (direct link) |
This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponders what to expect in 2023. |
Studies
|
|
★★★
|
|
2022-11-18 08:10:34 |
(Déjà vu) IT threat evolution in Q3 2022. Non-mobile statistics (direct link) |
PC malware statistics for Q3 2022 include data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. |
Threat
Malware
|
|
|
|
2022-11-18 08:05:33 |
IT threat evolution in Q3 2022. Mobile statistics (direct link) |
In Q3 2022, a total of 5,623,670 mobile malware, adware, and riskware attacks were blocked, and 438,035 malicious installation packages were detected. |
Threat
|
|
|
|
2022-11-18 08:00:32 |
IT threat evolution Q3 2022 (direct link) |
Recent APT campaigns, a sophisticated UEFI rootkit, new ransomware for Windows, Linux and ESXi, attacks on foreign and crypto-currency exchanges, and malicious packages in online code repositories. |
Threat
Ransomware
|
|
|
|
2022-11-15 10:00:28 |
DTrack activity targeting Europe and Latin America (direct link) |
In recent campaigns DTrack targets organizations in Europe and Latin America, and uses more delivery stages. |
|
|
★★★★★
|
|
2022-11-14 08:00:24 |
Advanced threat predictions for 2023 (direct link) |
We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. |
Threat
|
|
|
|
2022-11-10 08:00:38 |
The state of cryptojacking in the first three quarters of 2022 (direct link) |
In 2022 cryptocurrencies dropped, but cryptojacking (illicit cryptocurrency mining) activity grew. In this report we provide statistics on cryptojacking in 2022. |
|
|
|
|
2022-11-09 08:00:23 |
Cybersecurity threats: what awaits us in 2023? (direct link) |
We invited notable experts to share their insights and unbiased opinions on what we should expect from cybersecurity in the following year. |
|
|
|
|
2022-11-07 08:00:31 |
DDoS attacks in Q3 2022 (direct link) |
In Q3 2022, the situation on the DDoS market stabilized, and sophisticated attacks on HTTP(S) began to hold sway over simple TCP attacks. |
|
|
|
|
2022-11-02 08:00:22 |
Server-side attacks, C&C in public clouds and other MDR cases we observed (direct link) |
This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks. |
Threat
|
|
|
|
2022-11-01 08:00:06 |
(Déjà vu) APT trends report Q3 2022 (direct link) |
This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022. |
Threat
|
|
|
|
2022-10-31 08:00:54 |
APT10: Tracking down LODEINFO 2022, part II (direct link) |
In the second part of this report, we discuss improvements made to the LODEINFO backdoor shellcode in 2022. |
|
APT 10
|
|
|
2022-10-31 08:00:52 |
APT10: Tracking down LODEINFO 2022, part I (direct link) |
The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor. |
|
APT 10
|
|
|
2022-10-17 18:37:05 |
DiceyF deploys GamePlayerFramework in online casino development studio (direct link) |
In this report we provide technical analysis of the GamePlayerFramework deployed by an APT we call DiceyF, which is targeting online casinos in Southeast Asia. |
|
|
|
|
2022-10-13 08:00:21 |
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day) (direct link) |
We investigated CVE-2022-41352 and were able to confirm that unknown APT groups have actively been exploiting this vulnerability in the wild, one of which is systematically infecting servers in Central Asia. |
Vulnerability
|
|
|
|
2022-10-12 08:00:16 |
Malicious WhatsApp mod distributed through legitimate apps (direct link) |
The malicious version of YoWhatsApp messenger, containing the Triada trojan, was spreading through ads in the popular Snaptube app and the Vidmate app's internal store. |
|
|
|
|
2022-10-07 10:00:47 |
TOP 10 unattributed APT mysteries (direct link) |
TajMahal, DarkUniverse, PuzzleMaker, ProjectSauron (aka Strider), USB Thief, TENSHO (aka White Tur), PlexingEagle, SinSono, MagicScroll (aka AcidBox), Metador - all these targeted attacks are still unattributed. |
|
|
|
|
2022-10-06 08:00:38 |
A look at the 2020–2022 ATM/PoS malware landscape (direct link) |
We looked at the number of affected ATMs and PoS terminals, geography of attacks and threat families used by cybercriminals to target victims in 2020-2022. |
Threat
Malware
|
|
★★
|
|
2022-10-05 09:00:14 |
Uncommon infection and malware propagation methods (direct link) |
In this report, Kaspersky researchers discuss uncommon infection and propagation methods observed in certain crimeware families. |
Malware
|
|
|
|
2022-10-04 10:00:29 |
OnionPoison: infected Tor Browser installer distributed through popular YouTube channel (direct link) |
Kaspersky researchers detected the OnionPoison campaign: a malicious Tor Browser installer spreading through a popular YouTube channel and targeting Chinese users. |
|
|
|
|
2022-10-03 07:00:15 |
DeftTorero: tactics, techniques and procedures of intrusions revealed (direct link) |
In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries. |
Threat
|
|
|
|
2022-09-29 08:00:53 |
The secrets of Schneider Electric's UMAS protocol (direct link) |
Kaspersky ICS CERT report on vulnerabilities in Schneider Electric's engineering software that enables UMAS protocol abuse. |
|
|
|
|
2022-09-28 08:00:41 |
Prilex: the pricey prickle credit card complex (direct link) |
Prilex is a Brazilian threat actor focusing on ATM and PoS attacks. In this report, we provide an overview of its PoS malware. |
Threat
|
|
|
|
2022-09-26 08:00:10 |
NullMixer: oodles of Trojans in a single dropper (direct link) |
NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others. |
|
|
|