What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecureList 2020-08-24 10:00:19 Lifting the veil on DeathStalker, a mercenary triumvirate (direct link) DeathStalker is a unique threat group that appears to target law firms and companies in the financial sector. They don't deploy ransomware or steal payment information to resell it, their interest in gathering sensitive business information. Ransomware Threat
SecureList 2020-08-20 10:00:13 Transparent Tribe: Evolution analysis, part 1 (direct link) Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. APT 36
SecureList 2020-08-13 10:00:09 CactusPete APT group's updated Bisonal backdoor (direct link) A new CactusPete campaign shows that the group's favored types of target remain the same. The victims of the new variant of the Bisonal backdoor were from financial and military sectors located in Eastern Europe.
SecureList 2020-08-12 07:00:28 Internet Explorer and Windows zero-day exploits used in Operation PowerFall (direct link) Kaspersky prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits.
SecureList 2020-08-10 10:00:11 DDoS attacks in Q2 2020 (direct link) The second quarter is normally calmer than the first, but this year is an exception. The long-term downward trend in DDoS attacks has unfortunately been interrupted, and this time we are witnessing an increase.
SecureList 2020-08-07 10:00:07 Spam and phishing in Q2 2020 (direct link) In Q2 2020, the largest share of spam (51.45 percent) was recorded in April. The average percentage of spam in global email traffic was 50,18%, down by 4.43 percentage points from the previous reporting period. Spam
SecureList 2020-08-06 10:00:34 Incident Response Analyst Report 2019 (direct link) As an incident response service provider, Kaspersky delivers a global service that results in a global visibility of adversaries' cyber-incident tactics and techniques in the wild. In this report, we share our teams' conclusions and analysis based on incident responses and statistics from 2019.
SecureList 2020-07-31 11:00:30 WastedLocker: technical analysis (direct link) According to currently available information, in the attack on Garmin a targeted build of the Trojan WastedLocker was used. We have performed technical analysis of the Trojan sample.
SecureList 2020-07-29 10:00:09 APT trends report Q2 2020 (direct link) This summary is based on our threat intelligence research and provides a representative snapshot of what we have published and discussed, focusing on activities that we observed during Q2 2020. Threat
SecureList 2020-07-28 10:00:27 Lazarus on the hunt for big game (direct link) By investigating a number of targeted ransomware attacks and through discussions with some of our trusted industry partners, we feel that we now have a good grasp on how the ransomware ecosystem is structured. Ransomware APT 38
SecureList 2020-07-22 10:00:57 MATA: Multi-platform targeted malware framework (direct link) The MATA malware framework possesses several components, such as loader, orchestrator and plugins. The framework is able to target Windows, Linux and macOS operating systems. Malware
SecureList 2020-07-21 10:00:17 GReAT thoughts: Awesome IDA Pro plugins (direct link) In the second 'GReAT Ideas. Powered by SAS' webinar, I'll be talking about awesome IDA Pro plugins that I regularly use. This article is a sneak peek into what I'll be discussing.
SecureList 2020-07-16 10:00:19 The Streaming Wars: A Cybercriminal's Perspective (direct link) Cyber threats aren't relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren't APTs and massive data breaches - they're the daily encounters with malware and spam by everyday users. Spam Malware
SecureList 2020-07-15 10:00:13 GReAT Ideas follow-up (direct link) The two hours of our first “GReAT Ideas. Powered by SAS” session were not enough for answering all of the questions raised, therefore we try to answer them below.
SecureList 2020-07-14 10:00:17 The Tetrade: Brazilian banking malware goes global (direct link) This article is a deep dive intended for a complete understanding of these four banking trojan families: Guildma, Javali, Melcoz and Grandoreiro, as they expand abroad, targeting users not just in Brazil, but in the wider Latin America and Europe. Malware
SecureList 2020-07-08 12:00:34 Redirect auction (direct link) We've already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated.
SecureList 2020-07-06 10:00:11 Pig in a poke: smartphone adware (direct link) Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources.
SecureList 2020-06-24 10:00:16 Magnitude exploit kit – evolution (direct link) Exploit kits still play a role in today's threat landscape and continue to evolve. For this blogpost I studied and analyzed the evolution of one of the most sophisticated exploit kits out there – Magnitude EK – for a whole year. Threat
SecureList 2020-06-23 10:00:08 Oh, what a boot-iful mornin' (direct link) In mid-April, our threat monitoring systems detected malicious files being distributed under the name "on the new initiative of the World Bank in connection with the coronavirus pandemic" (in Russian) with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit. Threat
SecureList 2020-06-22 10:00:53 Web skimming with Google Analytics (direct link) Recently, we identified several cases where Google Analytics was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics.
SecureList 2020-06-19 10:00:10 Microcin is here (direct link) In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. We attribute this campaign with high confidence to the SixLittleMonkeys (aka Microcin) threat actor. Threat
SecureList 2020-06-17 10:00:24 Do cybercriminals play cyber games during quarantine? (direct link) Thanks to the coronavirus pandemic, the role of the Internet in our lives has undergone changes, including irreversible ones. We decided to take a closer look at the changes around us through the prism of information security, starting with the video game industry.
SecureList 2020-06-15 10:00:05 Explicit content and cyberthreats: 2019 report (direct link) Over the past two years we have reviewed how adult content has been used to spread malware and abuse users' privacy. This is a trend that's unlikely to go away, especially under current circumstances. While many pornography platforms are enjoying an influx of new users and providing legitimate and safe services, the security risks remain, if not increase. Malware
SecureList 2020-06-09 10:00:37 Looking at Big Threats Using Code Similarity. Part 1 (direct link) Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience. Threat
SecureList 2020-06-03 10:00:32 Cycldek: Bridging the (air) gap (direct link) While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far.
Last update at: 2024-05-16 00:07:59