What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-15 12:00:34 | IT threat evolution Q2 2022 (lien direct) | ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families. | Ransomware Threat | ||
|
2022-08-10 10:00:43 | VileRAT: DeathStalker\'s continuous strike at foreign and cryptocurrency exchanges (lien direct) | In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns (PowerPepper was later documented in 2020). Notably, we exposed why we believe the threat actor may fit a group of mercenaries, offering hack-for-hire services, or acting as an information broker to support competitive and | Threat | ||
|
2022-07-28 10:00:37 | (Déjà vu) APT trends report Q2 2022 (lien direct) | This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022. | Threat | ||
|
2022-07-25 10:00:32 | CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit (lien direct) | In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor. | Threat | ||
|
2022-05-27 08:00:46 | IT threat evolution in Q1 2022. Mobile statistics (lien direct) | According to Kaspersky Security Network, in Q1 2022 516,617 mobile malware installation packages were detected, of which 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans. | Ransomware Malware Threat | ★★★★★ | |
|
2022-05-27 08:00:43 | IT threat evolution Q1 2022 (lien direct) | Kaspersky IT threat review in Q1 2022: activity of APTs such as MoonBounce, BlueNororff, Lazarus and Roaming Mantis, attacks against Ukraine, phishing kits, Okta hack and more. | Hack Threat | APT 38 | ★★★ |
|
2022-05-27 08:00:05 | IT threat evolution in Q1 2022. Non-mobile statistics (lien direct) | PC malware statistics for the Q1 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. | Malware Threat | ★★ | |
|
2022-05-17 14:00:03 | Evaluation of cyber activities and the threat landscape in Ukraine (lien direct) | With this article, our core aim is to share a threat landscape overview, which Kaspersky cybersecurity researchers are observing in relation to the conflict, with the wider international community and thus to contribute to broader ongoing cyber-stability discussions of threat-related insights. | Threat | ||
|
2022-04-27 10:00:34 | APT trends report Q1 2022 (lien direct) | This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022. | Threat | ||
|
2022-04-12 09:00:52 | The State of Stalkerware in 2021 (lien direct) | Every year Kaspersky analyzes the use of stalkerware around the world to better understand the threat it poses. We partner with stakeholders across public and private sectors to raise awareness and find solutions to best tackle this important issue. | Threat | ||
|
2022-03-03 10:00:51 | Threat landscape for industrial automation systems, H2 2021 (lien direct) | By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2. | Threat | ||
|
2022-02-23 10:00:42 | Financial cyberthreats in 2021 (lien direct) | This report provides insight into 2021 financial threat trends and statistics, including data on banking malware for Windows and Android, banking, payment system and e-shop phishing, etc. | Malware Threat | ||
|
2021-11-26 12:00:43 | IT threat evolution in Q3 2021. Mobile statistics (lien direct) | In Q3 2021, 9,599,519 malware, adware and riskware attacks on mobile devices were prevented. | Threat | ||
|
2021-11-26 12:00:36 | IT threat evolution Q3 2021 (lien direct) | WildPressure and LuminousMoth threat actors, FinSpy implants, zero-day vulnerabilities and PrintNightmare, threats for Linux and macOS in our review of Q3 2021. | Threat | ||
|
2021-11-26 12:00:36 | (Déjà vu) IT threat evolution in Q3 2021. PC statistics (lien direct) | PC threat statistics for Q3 2021 contain data on miners, encrypting ransomware, financial malware, and threats to Windows, macOS and IoT. | Threat | ||
|
2021-11-23 10:00:55 | Threats to ICS and industrial enterprises in 2022 (lien direct) | In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. | Threat | ||
|
2021-11-17 10:00:04 | Advanced threat predictions for 2022 (lien direct) | Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. | Threat | ||
|
2021-10-26 10:00:11 | APT trends report Q3 2021 (lien direct) | The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021. | Threat | ||
|
2021-10-12 16:00:34 | SAS 2021: Learning to ChaCha with APT41 (lien direct) | John Southworth gives insights about APT41 and the malware used by the threat actor – the Motnug loader and its descendant, the ChaCha loader; also, shares some thoughts on the actor's attribution and the payload, including the infamous CobaltStrike. | Malware Threat Guideline | APT 41 | |
|
2021-09-30 10:00:49 | GhostEmperor: From ProxyLogon to kernel mode (lien direct) | While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. With a long-standing operation, high profile victims, advanced toolset and no affinity to a known threat actor, we decided to dub the cluster GhostEmperor. | Threat | ★★ | |
|
2021-08-12 10:00:37 | IT threat evolution Q2 2021 (lien direct) | Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans - check out our review of Q2 2021. | Ransomware Threat | ||
|
2021-08-12 10:00:19 | IT threat evolution in Q2 2021. Mobile statistics (lien direct) | In Q2 2021, we prevented 14,465,672 mobile malware, adware and riskware attacks; 886,105 malicious installation packages were detected, of which 24,604 packages were mobile banking Trojans and 3,623 packages were mobile ransomware Trojans. | Ransomware Threat | ||
|
2021-08-12 10:00:12 | IT threat evolution in Q2 2021. PC statistics (lien direct) | PC threat statistics for Q2 2021 contain data on miners, encrypting ransomware, financial malware and threats to Windows, macOS and IoT. | Malware Threat | ||
|
2021-07-29 10:00:46 | APT trends report Q2 2021 (lien direct) | This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc. | Threat | APT 29 APT 31 | |
|
2021-07-01 12:00:54 | Do cybercriminals play cyber games in quarantine? A look one year later (lien direct) | Last year, we took a look at how the pandemic influenced the threat landscape for gamers and the gaming industry. One year later, online gamers are even more active, and cybercriminals continue to exploit this. | Threat | ||
|
2021-06-16 10:00:07 | Ferocious Kitten: 6 years of covert surveillance in Iran (lien direct) | Ferocious Kitten is an APT group that has been targeting Persian-speaking individuals in Iran. Some of the TTPs used by this threat actor are reminiscent of other groups, such as Domestic Kitten and Rampant Kitten. In this report we aim to provide more details on these findings. | Threat | ||
|
2021-05-31 10:00:37 | IT threat evolution Q1 2021 (lien direct) | SolarWinds attacks, MS Exchange vulnerabilities, fake adblocker distributing miner, malware for Apple Silicon platform and other threats in Q1 2021. | Malware Threat | ||
|
2021-05-31 10:00:35 | IT threat evolution Q1 2021. Mobile statistics (lien direct) | In the first quarter of 2021 we detected 1.45M mobile installation packages, of which 25K packages were related to mobile banking Trojans and 3.6K packages were mobile ransomware Trojans. | Ransomware Threat | ||
|
2021-05-31 10:00:05 | IT threat evolution Q1 2021. Non-mobile statistics (lien direct) | In Q1 2021, we blocked more than 2 billion attacks launched from online resources across the globe, detected 77.4M unique malicious and potentially unwanted objects, and recognized 614M unique URLs as malicious. | Threat | ||
|
2021-05-25 07:00:20 | Evolution of JSWorm ransomware (lien direct) | There are times when a single ransomware family has evolved from a mass-scale operation to a highly targeted threat – all in the span of two years. In this post we want to talk about one of those families, named JSWorm. | Ransomware Threat | ||
|
2021-04-27 10:00:26 | APT trends report Q1 2021 (lien direct) | This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. | Threat | ||
|
2021-04-23 10:19:30 | Ransomware by the numbers: Reassessing the threat\'s global impact (lien direct) | In this report, we'll take a look at the numbers behind the ransomware threat from 2019 to 2020, what they mean - and what they foretell about ransomware's future. | Ransomware Threat | ||
|
2021-04-13 17:35:50 | Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild (lien direct) | CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). We believe it is exploited in the wild, potentially by several threat actors. | Vulnerability Threat | ||
|
2021-04-05 10:00:22 | The leap of a Cycldek-related threat actor (lien direct) | The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector. | Threat | ||
|
2021-03-31 14:00:06 | Financial Cyberthreats in 2020 (lien direct) | This research is a continuation of our annual financial threat reports providing an overview of the latest trends and key events across the financial threat landscape. The study covers the common phishing threats, along with Windows and Android-based financial malware. | Threat | ★★★★ | |
|
2021-03-29 10:00:01 | Doxing in the corporate sector (lien direct) | Corporate doxing poses a serious threat to the confidential data of a company. | Threat | ||
|
2021-03-15 10:00:41 | COVID-19: Examining the threat landscape a year later (lien direct) | On the anniversary of the global shutdown, Kaspersky experts decided to take a look back at how the threat landscape has evolved since the beginning of the pandemic - and what that means for users in the years to come. | Threat | ★★ | |
|
2020-12-23 10:00:08 | Lazarus covets COVID-19-related intelligence (lien direct) | As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that actors, such as the Lazarus group, are going after intelligence that could help these efforts by attacking entities related to COVID-19 research. | Threat Medical | APT 38 APT 28 | |
|
2020-12-03 11:00:25 | APT annual review: What the world\'s threat actors got up to in 2020 (lien direct) | We track the ongoing activities of more than 900 advanced threat actors. Here we try to focus on what we consider to be the most interesting trends and developments of the last 12 months. | Threat | ||
|
2020-12-02 12:00:24 | ICS threat predictions for 2021 (lien direct) | We present our vision of what challenges industrial cybersecurity will soon be (or already is) facing, and what to expect from cybercriminals in 2021. | Threat | ||
|
2020-11-20 10:10:15 | IT threat evolution Q3 2020. Non-mobile statistics (lien direct) | Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. Ransomware attacks were defeated on the computers of 121,579 unique users. | Ransomware Threat | ||
|
2020-11-20 10:05:31 | IT threat evolution Q3 2020 Mobile statistics (lien direct) | In Q3 2020, Kaspersky mobile protective solutions blocked 16,440,264 attacks on mobile devices, an increase of 2.2 million on Q2 2020. | Threat | ||
|
2020-11-20 10:00:58 | IT threat evolution Q3 2020 (lien direct) | MATA framework, Garmin attack, Operation PowerFall, DeathStalker group and other events of 2020. | Threat | ||
|
2020-11-19 10:00:48 | Advanced Threat predictions for 2021 (lien direct) | Trying to make predictions about the future is a tricky business. However, while we don't have a crystal ball that can reveal the future, we can try to make educated guesses using the trends that we have observed over the last 12 months to identify areas that attackers are likely to seek to exploit in the near future. | Threat | ||
|
2020-11-09 10:00:40 | Ghimob: a Tétrade threat actor moves to infect mobile devices (lien direct) | Guildma's new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting financial apps from banks, fintechs, exchanges and cryptocurrencies. | Threat | ||
|
2020-11-03 10:00:37 | APT trends report Q3 2020 (lien direct) | For more than three years, GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat activity. This is our latest installment, focusing on activities that we observed during Q3 2020. | Threat | ||
|
2020-10-15 10:00:09 | IAmTheKing and the SlothfulMedia malware family (lien direct) | The DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with additional context. | Malware Threat | ||
|
2020-10-05 10:00:45 | MosaicRegressor: Lurking in the Shadows of UEFI (lien direct) | We found a compromised UEFI firmware image that contained a malicious implant. To the best of our knowledge, this is the second known public case where malicious UEFI firmware in use by a threat actor was found in the wild. | Threat | ||
|
2020-09-29 14:00:47 | Why master YARA: from routine to extreme threat hunting cases. Follow-up (lien direct) | On 3rd of September, we were hosting our webinar, in which we shared best practices on YARA usage. Due to timing restrictions we were not able to answer all the questions, therefore we're trying to answer them here. | Threat | ||
|
2020-09-24 08:00:21 | Threat landscape for industrial automation systems. H1 2020 highlights (lien direct) | Beginning in H2 2019 we have observed a tendency for decreases in the percentages of attacked computers, both in the ICS and in the corporate and personal environments. The internet, removable media and email continue to be the main sources of threats in the ICS environment. | Threat |
To see everything:
Our RSS (filtrered)
