Category: Securelist

The Efimer Trojan spreads through email and hacked WordPress websites, steals cryptocurrency, and substitutes wallets in the clipboard. This article has been indexed from Securelist Read the original article: Scammers mass-mailing the Efimer Trojan to steal crypto

Read more →

In an incident response case, Kaspersky experts discovered new malware that terminates AV processes by abusing the legitimate ThrottleStop driver. Kaspersky solutions successfully counter and detect this threat. This article has been indexed from Securelist Read the original article: Driver…

Read more →

A campaign targeting Russian entities leveraged social media, Microsoft Learn Challenge, Quora, and GitHub as intermediate C2 servers to deliver Cobalt Strike Beacon. This article has been indexed from Securelist Read the original article: Cobalt Strike Beacon delivered via GitHub…

Read more →

A campaign targeting Russian entities leveraged social media, Microsoft Learn Challenge, Quora, and GitHub as intermediate C2 servers to deliver Cobalt Strike Beacon. This article has been indexed from Securelist Read the original article: Cobalt Strike Beacon delivered via GitHub…

Read more →

Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected. This article has been indexed from Securelist Read the original article: ToolShell: a story of five…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: The SOC files: Rumble in the jungle or APT41’s new target…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: The SOC files: Rumble in the jungle or APT41’s new target…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: Rumble in the jungle: APT41’s new target in Africa

Read more →

In an incident response case in Asia, Kaspersky researchers discovered a new backdoor for Microsoft Exchange servers, based on open-source tools and dubbed “GhostContainer”. This article has been indexed from Securelist Read the original article: GhostContainer backdoor: malware compromising Exchange…

Read more →

A Kaspersky GERT expert describes the UserAssist Windows artifact, including previously undocumented binary data structure, and shares a useful parsing tool. This article has been indexed from Securelist Read the original article: Forensic journey: Breaking down the UserAssist artifact structure

Read more →

Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer. This article has been indexed from Securelist Read the original article: Code highlighting with Cursor AI for $500,000

Read more →

Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices. This article has been indexed from Securelist Read the original article: Batavia spyware steals data from Russian organizations

Read more →

We have explored the RACF security package in z/OS and developed a utility to interact with its database. Now, we are assessing RACF configuration security for penetration testing. This article has been indexed from Securelist Read the original article: Approach…

Read more →

In its annual SMB threat report, Kaspersky shares insights into trends and statistics on malware, phishing, scams, and other threats to small and medium-sized businesses, as well as security tips. This article has been indexed from Securelist Read the original…

Read more →

In its annual SMB threat report, Kaspersky shares insights into trends and statistics on malware, phishing, scams, and other threats to small and medium-sized businesses, as well as security tips. This article has been indexed from Securelist Read the original…

Read more →

SparkKitty, a new Trojan spy for iOS and Android, spreads through untrusted websites, the App Store, and Google Play, stealing images from users’ galleries. This article has been indexed from Securelist Read the original article: SparkKitty, SparkCat’s little brother: A…

Read more →

Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website. This article has been indexed from Securelist Read the original article: Toxic trend: Another…

Read more →

Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website. This article has been indexed from Securelist Read the original article: Toxic trend: Another…

Read more →

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts. This article has been indexed from Securelist Read the original article: Sleep with…

Read more →

Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721. This article has been indexed from Securelist Read the original article: Analysis of the latest Mirai wave exploiting TBK…

Read more →