2024-11-19 |
Scammer Black Friday offers: Online shopping threats and dark web sales |
Publications ‧ Kaspersky |
|
2024-11-14 |
Crimeware and financial cyberthreats in 2025 |
Kaspersky Security Bulletin ‧ GReAT |
|
2024-11-13 |
Threats in space (or rather, on Earth): internet-exposed GNSS receivers |
Research ‧ Isabel Manjarrez |
|
2024-11-11 |
Ymir: new stealthy ransomware in the wild |
Malware descriptions ‧ Cristian Souza, Ashley Muñoz, Eduardo Ovalle |
|
2024-11-08 |
QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns |
Malware descriptions ‧ Saurabh Sharma |
|
2024-11-06 |
New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency |
Malware descriptions ‧ Kirill Korchemny |
|
2024-10-31 |
Loose-lipped neural networks and lazy scammers |
Research ‧ Vladislav Tushkanov |
|
2024-10-29 |
Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses |
SOC, TI and IR posts ‧ Victor Sergeev, Amged Wageh, Ahmed Khlief |
|
2024-10-29 |
Lumma/Amadey: fake CAPTCHAs want to know if you’re human |
Malware descriptions ‧ Vasily Kolesnikov |
|
2024-10-23 |
The Crypto Game of Lazarus APT: Investors vs. Zero-days |
SAS ‧ Boris Larin, Vasily Berdnikov |
|
2024-10-23 |
Grandoreiro, the global trojan with grandiose goals |
Malware descriptions ‧ GReAT |
|
2024-10-21 |
Stealer here, stealer there, stealers everywhere! |
Crimeware reports ‧ GReAT |
|
2024-10-18 |
Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia |
Crimeware reports ‧ Kaspersky |
|
2024-10-17 |
SAS CTF and the many ways to persist a kernel shellcode on Windows 7 |
SAS ‧ Igor Kuznetsov, Boris Larin |
|
2024-10-15 |
Beyond the Surface: the evolution and expansion of the SideWinder APT group |
APT reports ‧ Giampaolo Dedola, Vasily Berdnikov |
|
2024-10-14 |
Whispers from the Dark Web Cave. Cyberthreats in the Middle East |
SOC, TI and IR posts ‧ Vera Kholopova, Kaspersky Security Services |
|
2024-10-07 |
Awaken Likho is awake: new techniques of an APT group |
Crimeware reports ‧ Kaspersky |
|
2024-10-04 |
Scam Information and Event Management |
Malware descriptions ‧ Alexander Kryazhev, Denis Sitchikhin |
|
2024-10-02 |
Finding a needle in a haystack: Machine learning at the forefront of threat hunting research |
Publications ‧ Mohamad Amin Hasbini |
|
2024-10-01 |
Key Group: another ransomware group using leaked builders |
Crimeware reports ‧ Kaspersky |
|
2024-09-26 |
Threat landscape for industrial automation systems, Q2 2024 |
Industrial threats ‧ Kaspersky ICS CERT |
|
2024-09-25 |
From 12 to 21: how we discovered connections between the Twelve and BlackJack groups |
Crimeware reports ‧ Kaspersky |
|
2024-09-24 |
Web tracking report: who monitored users’ online activities in 2023–2024 the most |
Research ‧ Anna Larkina, Flavio Negrini |
|
2024-09-23 |
How the Necro Trojan infiltrated Google Play, again |
Malware descriptions ‧ Dmitry Kalinin |
|
2024-09-20 |
-=TWELVE=- is back |
Crimeware reports ‧ Kaspersky |
|
2024-09-18 |
Exotic SambaSpy is now dancing with Italian users |
Crimeware reports ‧ GReAT |
|
2024-09-09 |
Loki: a new private agent for the popular Mythic framework |
Malware descriptions ‧ Artem Ushkov |
|
2024-09-05 |
Tropic Trooper spies on government entities in the Middle East |
Malware descriptions ‧ Sherif Magdy |
|
2024-09-04 |
Mallox ransomware: in-depth analysis and evolution |
Crimeware reports ‧ Fedor Sinitsyn, Yanis Zinchenko |
|
2024-09-03 |
A deep dive into the most interesting incident response cases of last year |
SOC, TI and IR posts ‧ Eduardo Ovalle, Ahmad Zaidi Said, AbdulRhman Alfaifi |
|
2024-09-03 |
IT threat evolution in Q2 2024. Non-mobile statistics |
Malware reports ‧ AMR |
|
2024-09-03 |
IT threat evolution in Q2 2024. Mobile statistics |
Malware reports ‧ Anton Kivva |
|
2024-09-03 |
IT threat evolution Q2 2024 |
Malware reports ‧ David Emm |
|
2024-09-02 |
Head Mare: adventures of a unicorn in Russia and Belarus |
Crimeware reports ‧ Kaspersky |
|
2024-08-27 |
HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat |
Malware descriptions ‧ Sergey Puzan |
|
2024-08-22 |
Memory corruption vulnerabilities in Suricata and FreeRDP |
Vulnerability reports ‧ Dmitry Shmoylov, Evgeny Legerov, Denis Skvortsov |
|
2024-08-21 |
Exploits and vulnerabilities in Q2 2024 |
Vulnerability reports ‧ Vitaly Morgunov, Alexander Kolesnikov |
|
2024-08-20 |
Approach to mainframe penetration testing on z/OS |
SOC, TI and IR posts ‧ Denis Stepanov, Alexander Korotin |
|
2024-08-19 |
BlindEagle flying high in Latin America |
APT reports ‧ GReAT |
|
2024-08-16 |
Tusk: unraveling a complex infostealer campaign |
SOC, TI and IR posts ‧ Elsayed Elrefaei, AbdulRhman Alfaifi |
|
2024-08-14 |
EastWind campaign: new CloudSorcerer attacks on government organizations in Russia |
APT reports ‧ GReAT |
|
2024-08-13 |
APT trends report Q2 2024 |
APT reports ‧ GReAT |
|
2024-08-12 |
Indirect prompt injection in the real world: how people manipulate neural networks |
Research ‧ Vladislav Tushkanov |
|
2024-08-05 |
LianSpy: new Android spyware targeting Russian users |
Malware descriptions ‧ Dmitry Kalinin |
|
2024-08-01 |
How “professional” ransomware variants boost cybercrime groups |
Crimeware reports ‧ GReAT |
|
2024-07-29 |
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years |
Malware descriptions ‧ Tatyana Shishkova, Igor Golovin |
|
2024-07-11 |
When spear phishing met mass phishing |
Spam and phishing ‧ Roman Dedenok |
|
2024-07-09 |
Developing and prioritizing a detection engineering backlog based on MITRE ATT&CK |
SOC, TI and IR posts ‧ Roman Nazarov, Andrey Tamoykin, Kaspersky Security Services |
|
2024-07-08 |
CloudSorcerer – A new APT targeting Russian government entities |
APT reports ‧ GReAT |
|
2024-07-02 |
Analysis of user password strength |
Research ‧ Alexey Antonov |
|
2024-06-25 |
Cybersecurity in the SMB space — a growing threat |
Research ‧ Kaspersky |
|
2024-06-24 |
XZ backdoor: Hook analysis |
Incidents ‧ Anderson Leite, Sergey Belov |
|
2024-06-18 |
Analysis of user password strength |
Research ‧ Alexey Antonov |
|
2024-06-13 |
Cinterion EHS5 3G UMTS/HSPA Module Research |
Research ‧ Kaspersky ICS CERT |
|
2024-06-11 |
QR code SQL injection and other vulnerabilities in a popular biometric terminal |
Research ‧ Georgy Kiguradze |
|
2024-06-10 |
Bypassing 2FA with phishing and OTP bots |
Spam and phishing ‧ Olga Svistunova |
|
2024-06-03 |
IT threat evolution in Q1 2024. Mobile statistics |
Malware reports ‧ Anton Kivva |
|
2024-06-03 |
IT threat evolution Q1 2024 |
Malware reports ‧ David Emm |
|
2024-06-03 |
IT threat evolution in Q1 2024. Non-mobile statistics |
Malware reports ‧ AMR |
|
2024-05-28 |
Trusted relationship attacks: trust, but verify |
SOC, TI and IR posts ‧ Dmitry Kachan, Alina Sukhanova |
|
2024-05-27 |
Message board scams |
Spam and phishing ‧ CFR team |
|
2024-05-27 |
Threat landscape for industrial automation systems, Q1 2024 |
Industrial threats ‧ Kaspersky ICS CERT |
|
2024-05-23 |
ShrinkLocker: Turning BitLocker into ransomware |
SOC, TI and IR posts ‧ Cristian Souza, Eduardo Ovalle, Ashley Muñoz, Christopher Zachor |
|
2024-05-23 |
A journey into forgotten Null Session and MS-RPC interfaces |
Research ‧ Haidar Kabibo |
|
2024-05-22 |
Stealers, stealers and more stealers |
Malware reports ‧ GReAT |
|
2024-05-15 |
QakBot attacks with Windows zero-day (CVE-2024-30051) |
Software ‧ Boris Larin, Mert Degirmenci |
|
2024-05-14 |
Incident response analyst report 2023 |
SOC, TI and IR posts ‧ Kaspersky GERT, Kaspersky Security Services |
|
2024-05-09 |
APT trends report Q1 2024 |
APT reports ‧ GReAT |
|
2024-05-08 |
State of ransomware in 2024 |
Publications ‧ Kaspersky |
|
2024-05-07 |
Exploits and vulnerabilities in Q1 2024 |
Publications ‧ Alexander Kolesnikov, Vitaly Morgunov |
|
2024-05-06 |
Financial cyberthreats in 2023 |
Publications ‧ Kaspersky |
|
2024-04-30 |
Managed Detection and Response in 2023 |
SOC, TI and IR posts ‧ Kaspersky Security Services |
|
2024-04-24 |
Assessing the Y, and How, of the XZ Utils incident |
Incidents ‧ GReAT |
|
2024-04-22 |
ToddyCat is making holes in your infrastructure |
APT reports ‧ Andrey Gunkin, Alexander Fedotov, Natalya Shornikova |
|
2024-04-18 |
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware |
APT reports ‧ GReAT |
|
2024-04-17 |
SoumniBot: the new Android banker’s unique techniques |
Malware descriptions ‧ Dmitry Kalinin |
|
2024-04-15 |
Using the LockBit builder to generate targeted ransomware |
Malware descriptions ‧ Eduardo Ovalle, Francesco Figurelli, Cristian Souza, Ashley Muñoz |
|
2024-04-12 |
XZ backdoor story – Initial analysis |
Incidents ‧ GReAT |
|
2024-03-28 |
DinodasRAT Linux implant targeting entities worldwide |
Malware descriptions ‧ Anderson Leite, Lisandro Ubiedo |
|
2023-08-30 |
IT threat evolution in Q2 2023. Non-mobile statistics |
Malware reports ‧ AMR |
|
2023-08-30 |
IT threat evolution in Q2 2023. Mobile statistics |
Malware reports ‧ Anton Kivva |
|
2023-08-30 |
IT threat evolution in Q2 2023 |
Malware reports ‧ David Emm |
|
2023-08-25 |
Lockbit leak, research opportunities on tools leaked from TAs |
Research ‧ Eduardo Ovalle, Francesco Figurelli |
|
2023-08-14 |
Phishing with hacked sites |
Spam and phishing ‧ Tatyana Machneva, Olga Svistunova |
|
2023-08-10 |
Focus on DroxiDat/SystemBC |
APT reports ‧ Kurt Baumgartner |
|
2023-08-10 |
Common TTPs of attacks against industrial organizations |
Industrial threats ‧ Kirill Kruglov, Vyacheslav Kopeytsev, Artem Snegirev |
|
2023-08-03 |
What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot |
Malware reports ‧ GReAT |
|
2023-07-28 |
Anomaly detection in certificate-based TGT requests |
Research ‧ Alexander Rodchenko |
|
2023-07-27 |
APT trends report Q2 2023 |
APT reports ‧ GReAT |
|
2023-07-19 |
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability |
Research ‧ Francesco Figurelli, Eduardo Ovalle |
|
2023-07-05 |
Email crypto phishing scams: stealing from hot and cold crypto wallets |
Spam and phishing ‧ Roman Dedenok, Konstantin Zykov |
|
2023-06-28 |
Andariel’s silly mistakes and a new malware family |
Malware reports ‧ GReAT, Kaspersky ICS CERT |
|
2023-06-27 |
How cybercrime is impacting SMBs in 2023 |
Publications ‧ Kaspersky |
|
2023-06-22 |
LockBit Green and phishing that targets organizations |
Malware reports ‧ GReAT |
|
2023-06-21 |
Dissecting TriangleDB, a Triangulation spyware implant |
Malware descriptions ‧ Georgy Kucherin, Leonid Bezvershenko, Igor Kuznetsov |
|
2023-06-20 |
A bowl full of security problems: Examining the vulnerabilities of smart pet feeders |
Research ‧ Roland Sako |
|
2023-06-15 |
Understanding Malware-as-a-Service |
SOC, TI and IR posts ‧ Kaspersky Security Services, Alexander Zabrovsky |
|
2023-06-12 |
Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency |
Malware reports ‧ GReAT, Sergey Lozhkin |
|
2023-06-07 |
IT threat evolution Q1 2023 |
Malware reports ‧ David Emm |
|
2023-06-07 |
IT threat evolution Q1 2023. Mobile statistics |
Malware reports ‧ Anton Kivva |
|