What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-25 08:00:07 | Who tracked internet users in 2021–2022 (lien direct) | A review of Do Not Track (DNT) statistics for the most widely used web tracking services in 2021 and 2022. | ★★★★ | ||
|
2022-11-23 08:00:00 | Black Friday shoppers beware: online threats so far in 2022 (lien direct) | Online shopping security threat statistics and trends in 2022: phishing, scams, banking Trojans-things that you should be aware of as the Black Friday sales are approaching. | Threat | ★★ | |
|
2022-11-22 08:00:51 | ICS cyberthreats in 2023 – what to expect (lien direct) | The coming year looks to be much more complicated. In the post we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision. | Studies | ★★★★ | |
|
2022-11-22 08:00:30 | Policy trends: where are we today on regulation in cyberspace? (lien direct) | This is the first edition of our policy analysis and observations of trends in the regulation of cyberspace, and cybersecurity, within the Kaspersky Security Bulletin. | ★★ | ||
|
2022-11-22 08:00:12 | Crimeware and financial cyberthreats in 2023 (lien direct) | This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. | Studies | ★★★ | |
|
2022-11-18 08:10:34 | (Déjà vu) IT threat evolution in Q3 2022. Non-mobile statistics (lien direct) | PC malware statistics for Q3 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. | Malware Threat | ||
|
2022-11-18 08:05:33 | IT threat evolution in Q3 2022. Mobile statistics (lien direct) | In Q3 2022, a total of 5,623,670 mobile malware, adware, and riskware attacks were blocked, and 438,035 malicious installation packages were detected. | Threat | ||
|
2022-11-18 08:00:32 | IT threat evolution Q3 2022 (lien direct) | Recent APT campaigns, a sophisticated UEFI rootkit, new ransomware for Windows, Linux and ESXi, attacks on foreign and crypto-currency exchanges, and malicious packages in online code repositories. | Ransomware Threat | ||
|
2022-11-15 10:00:28 | DTrack activity targeting Europe and Latin America (lien direct) | In recent campaigns DTrack targets organizations in Europe and Latin America, and uses more delivery stages. | ★★★★★ | ||
|
2022-11-14 08:00:24 | Advanced threat predictions for 2023 (lien direct) | We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. | Threat | ||
|
2022-11-10 08:00:38 | The state of cryptojacking in the first three quarters of 2022 (lien direct) | In 2022 cryptocurrencies dropped, but cryptojacking (illicit cryptocurrency mining) activity grew. In this report we provide statistics on cryptojacking in 2022. | |||
|
2022-11-09 08:00:23 | Cybersecurity threats: what awaits us in 2023? (lien direct) | We invited notable experts to share their insights and unbiased opinions on what we should expect from cybersecurity in the following year. | |||
|
2022-11-07 08:00:31 | DDoS attacks in Q3 2022 (lien direct) | In Q3 2022, the situation on the DDoS market stabilized, and sophisticated attacks on HTTP(S) began to hold sway over simple TCP attacks. | |||
|
2022-11-02 08:00:22 | Server-side attacks, C&C in public clouds and other MDR cases we observed (lien direct) | This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks. | Threat | ||
|
2022-11-01 08:00:06 | (Déjà vu) APT trends report Q3 2022 (lien direct) | This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022. | Threat | ||
|
2022-10-31 08:00:54 | APT10: Tracking down LODEINFO 2022, part II (lien direct) | In the second part of this report, we discuss improvements made to the LODEINFO backdoor shellcode in 2022. | APT 10 | ||
|
2022-10-31 08:00:52 | APT10: Tracking down LODEINFO 2022, part I (lien direct) | The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor. | APT 10 | ||
|
2022-10-17 18:37:05 | DiceyF deploys GamePlayerFramework in online casino development studio (lien direct) | In this report we provide technical analysis of the GamePlayerFramework deployed by an APT we call DiceyF, which is targeting online casinos in Southeast Asia. | |||
|
2022-10-13 08:00:21 | Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day) (lien direct) | We investigated CVE-2022-41352 and were able to confirm that unknown APT groups have actively been exploiting this vulnerability in the wild, one of which is systematically infecting servers in Central Asia. | Vulnerability | ||
|
2022-10-12 08:00:16 | Malicious WhatsApp mod distributed through legitimate apps (lien direct) | The malicious version of YoWhatsApp messenger, containing Triada trojan, was spreading through ads in the popular Snaptube app and the Vidmate app's internal store. | |||
|
2022-10-07 10:00:47 | TOP 10 unattributed APT mysteries (lien direct) | TajMahal, DarkUniverse, PuzzleMaker, ProjectSauron (aka Strider), USB Thief, TENSHO (aka White Tur), PlexingEagle, SinSono, MagicScroll (aka AcidBox), Metador-all these targeted attacks are still unattributed. | |||
|
2022-10-06 08:00:38 | A look at the 2020–2022 ATM/PoS malware landscape (lien direct) | We looked at the number of affected ATMs and PoS terminals, geography of attacks and threat families used by cybercriminals to target victims in 2020-2022. | Malware Threat | ★★ | |
|
2022-10-05 09:00:14 | Uncommon infection and malware propagation methods (lien direct) | In this report, Kaspersky researchers discuss uncommon infection and propagation methods observed in certain crimeware families. | Malware | ||
|
2022-10-04 10:00:29 | OnionPoison: infected Tor Browser installer distributed through popular YouTube channel (lien direct) | Kaspersky researchers detected OnionPoison campaign: malicious Tor Browser installer spreading through a popular YouTube channel and targeting Chinese users. | |||
|
2022-10-03 07:00:15 | DeftTorero: tactics, techniques and procedures of intrusions revealed (lien direct) | In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries. | Threat | ||
|
2022-09-29 08:00:53 | The secrets of Schneider Electric\'s UMAS protocol (lien direct) | Kaspersky ICS CERT report on vulnerabilities in Schneider Electric's engineering software that enables UMAS protocol abuse. | |||
|
2022-09-28 08:00:41 | Prilex: the pricey prickle credit card complex (lien direct) | Prilex is a Brazilian threat actor focusing on ATM and PoS attacks. In this report, we provide an overview of its PoS malware. | Threat | ||
|
2022-09-26 08:00:10 | NullMixer: oodles of Trojans in a single dropper (lien direct) | NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others. | |||
|
2022-09-23 08:00:13 | Mass email campaign with a pinch of targeted spam (lien direct) | Mass spam mailing posing as customer email delivers the Agent Tesla stealer disguised as a document to corporate users. | Spam | ||
|
2022-09-19 14:00:21 | External attack surface and ongoing cybercriminal activity in APAC region (lien direct) | We analyze external threats for organizations in APAC region based on the data collected by Kaspersky Digital Footprint Intelligence service. | |||
|
2022-09-15 08:00:14 | Self-spreading stealer attacks gamers via YouTube (lien direct) | A malicious bundle containing the RedLine stealer and a miner is distributed on YouTube through cheats and cracks ads for popular games. | |||
|
2022-09-08 07:59:54 | Threat landscape for industrial automation systems for H1 2022 (lien direct) | H1 2022 in numbers Geography In H1 2022, malicious objects were blocked at least once on 31.8% of ICS computers globally. Percentage of ICS computers on which malicious objects were blocked For the first time in five years of observations, the lowest percentage in the first half of the year was observed in March. During | |||
|
2022-09-06 08:18:10 | Good game, well played: an overview of gaming-related cyberthreats in 2022 (lien direct) | In this report, we analyze malware, potentially unwanted applications and phishing cases related to most popular video games and cheats for these games. | |||
|
2022-09-05 10:00:38 | The nature of cyber incidents (lien direct) | In this report Kaspersky provides incident response statistics for 2021, as well as conclusions based on investigations of the real incidents. | ★★★ | ||
|
2022-08-25 01:00:31 | Kimsuky\'s GoldDragon cluster and its C2 operations (lien direct) | Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea. | Threat Cloud | APT 37 | |
|
2022-08-24 10:00:13 | Ransomware updates & 1-day exploits (lien direct) | In this report, we discuss the new multi-platform ransomware RedAlert (aka N13V) and Monster, as well as private 1-day exploits for the CVE-2022-24521 vulnerability. | Ransomware | ||
|
2022-08-17 13:00:25 | Black Hat USA 2022 and DEF CON 30 (lien direct) | Black Hat 2022 USA Briefings wrapped up this past week, along with its sister conference Defcon 30. Coming back from the COVID hiatus, the conferences were enthusiastically full compared to the 2021 ghost town. | |||
|
2022-08-16 12:00:59 | Two more malicious Python packages in the PyPI (lien direct) | We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI. They were masquerading as one of the most popular open-source packages named “requests“. | |||
|
2022-08-16 08:00:36 | Threat in your browser: what dangers innocent-looking extensions hold for users (lien direct) | In this research, we observed various types of threats that mimic useful web browser extensions, and the number of users attacked by them. | |||
|
2022-08-15 12:00:45 | (Déjà vu) IT threat evolution in Q2 2022. Mobile statistics (lien direct) | In Q2 2022, we detected 405,684 mobile malware installation packages, of which 55,614 packages were related to mobile banking trojans, and 3,821 packages were mobile ransomware trojans. | Ransomware Malware Threat | ||
|
2022-08-15 12:00:43 | (Déjà vu) IT threat evolution in Q2 2022. Non-mobile statistics (lien direct) | Our non-mobile malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. | Malware Threat | ||
|
2022-08-15 12:00:34 | IT threat evolution Q2 2022 (lien direct) | ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families. | Ransomware Threat | ||
|
2022-08-11 08:30:01 | OpenTIP, command line edition (lien direct) | We released Python-based command line tools for our OpenTIP service that also implement a client class that you can reuse in your own tools. | |||
|
2022-08-10 10:00:43 | VileRAT: DeathStalker\'s continuous strike at foreign and cryptocurrency exchanges (lien direct) | In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns (PowerPepper was later documented in 2020). Notably, we exposed why we believe the threat actor may fit a group of mercenaries, offering hack-for-hire services, or acting as an information broker to support competitive and | Threat | ||
|
2022-08-09 10:00:46 | Andariel deploys DTrack and Maui ransomware (lien direct) | Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly. | Ransomware | ||
|
2022-08-08 08:00:10 | Targeted attack on industrial enterprises and public institutions (lien direct) | Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428. | |||
|
2022-08-03 08:00:22 | DDoS attacks in Q2 2022 (lien direct) | Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in Q1. Also, we saw the continuation of a trend that began in spring: an increase in superlong attacks. | |||
|
2022-07-28 12:00:41 | LofyLife: malicious npm packages steal Discord tokens and bank card data (lien direct) | This week, we identified four suspicious packages in the Node Package Manager (npm) repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign “LofyLife”. | |||
|
2022-07-28 10:00:37 | (Déjà vu) APT trends report Q2 2022 (lien direct) | This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022. | Threat | ||
|
2022-07-25 10:00:32 | CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit (lien direct) | In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor. | Threat |
To see everything:
Our RSS (filtrered)
