Category: Securelist

The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their distribution among MDR customers. This article has been indexed from Securelist Read the original article: Managed Detection and Response…

Read more →

The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their distribution among MDR customers. This article has been indexed from Securelist Read the original article: Managed Detection and Response…

Read more →

In this article we analyze social engineering aspects of the XZ backdoor incident. Namely pressuring the XZ maintainer to pass on the project to Jia Cheong Tan, and then urging major downstream maintainers to commit the backdoored code to their…

Read more →

We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts. This article has been indexed from Securelist Read the original article: ToddyCat is…

Read more →

New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go. This article has been indexed from Securelist Read the original article: DuneQuixote campaign targets Middle Eastern…

Read more →

We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection. This article has been indexed from Securelist Read the original article: SoumniBot: the new Android banker’s unique techniques

Read more →

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder. This article has been indexed from Securelist Read the original article: Using the LockBit builder…

Read more →

Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process. This article has been indexed from Securelist Read the original article: XZ backdoor story – Initial analysis

Read more →

In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since 2022. This article has been indexed from Securelist Read the original article: DinodasRAT Linux implant targeting entities…

Read more →

In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan. This article has been indexed from Securelist Read the original article: Android malware, Android malware and more Android malware

Read more →

Kaspersky ICS CERT shares industrial threat statistics for H2 2023: most commonly detected malicious objects, threat sources, threat landscape by industry and region. This article has been indexed from Securelist Read the original article: Threat landscape for industrial automation systems.…

Read more →

In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them.…

Read more →

Infected versions of the text editors VNote and Notepad‐‐ for Linux and macOS, apparently loading a backdoor, are being distributed through a Chinese search engine. This article has been indexed from Securelist Read the original article: What’s in your notepad?…

Read more →

In this report, Kaspersky shares statistics on stalkerware detections, as well as insights into the impact of digital stalking in 2023 and the beginning of 2024, and advice for those affected. This article has been indexed from Securelist Read the…

Read more →

Our Security assessment team set up rankings that reflected our take on the most widespread and critical web application vulnerabilities as viewed through a prism of eight years’ experience. This article has been indexed from Securelist Read the original article:…

Read more →

This report contains spam and phishing statistics for 2023, along with descriptions of the main trends, among these artificial intelligence, instant messaging phishing, and multilingual BEC attacks. This article has been indexed from Securelist Read the original article: Spam and…

Read more →

While investigating an incident, we detected uncommon malicious activity inside one of the systems. We ran an analysis on the artifacts, only to find that the adversary had deployed and launched the QEMU hardware emulator. This article has been indexed…

Read more →

Security research into an AI robot for kids revealed several vulnerabilities enabling a cybercriminal to take over device control and to video-chat with the kid. This article has been indexed from Securelist Read the original article: An educational robot security…

Read more →

This report details statistics and key trends associated with mobile malware: Google Play Trojans, malicious messaging app mods, and others. This article has been indexed from Securelist Read the original article: The mobile malware threat landscape in 2023

Read more →

We will delve into the workings of the infection chain and explore the capabilities of the new Trojan that specifically targets users of more than 60 banking institutions, mainly from Brazil. This article has been indexed from Securelist Read the…

Read more →