Category: Securelist

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook. This article has been indexed from Securelist Read the original…

Read more →

This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025. This article has been indexed from Securelist Read the original article: Inside…

Read more →

Kaspersky GReAT experts discovered a new campaign featuring the Tsundere botnet. Node.js-based bots abuse web3 smart contracts and are spread via MSI installers and PowerShell scripts. This article has been indexed from Securelist Read the original article: Blockchain and Node.js…

Read more →

The report features statistics on mobile threats for the third quarter of 2025, along with interesting findings and trends from the quarter, including an increase in ransomware activity in Germany, and more. This article has been indexed from Securelist Read…

Read more →

The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025. This article has been indexed from Securelist Read the…

Read more →

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images. This article has been indexed from…

Read more →

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks. This article has been indexed from Securelist Read the original article: Mem3nt0 mori – The Hacking Team…

Read more →

Kaspersky experts break down the recent BetterBank incident involving ESTEEM token bonus minting due to the lack of liquidity pool validation. This article has been indexed from Securelist Read the original article: Deep analysis of the flaw in BetterBank reward…

Read more →

Common email phishing tactics in 2025 include PDF attachments with QR codes, password-protected PDF documents, calendar phishing, and advanced websites that validate email addresses. This article has been indexed from Securelist Read the original article: The evolving landscape of email…

Read more →

Kaspersky GReAT experts break down a recent PassiveNeuron campaign that targets servers worldwide with custom Neursite and NeuralExecutor APT implants and Cobalt Strike. This article has been indexed from Securelist Read the original article: PassiveNeuron: a sophisticated campaign targeting servers…

Read more →

The npm registry contains a malicious package that downloads the AdaptixC2 agent onto victims’ devices, Kaspersky experts have found. The threat targets Windows, Linux, and macOS. This article has been indexed from Securelist Read the original article: Post-exploitation framework now…

Read more →

Are you seeing your website traffic drop, and security systems blocking it for pornographic content that is not there? Hidden links, a type of SEO spam, could be the cause. This article has been indexed from Securelist Read the original…

Read more →

A malware campaign was recently detected in Brazil, distributing a malicious LNK file using WhatsApp. It delivered a new Maverick banker, which features code overlaps with Coyote malware. This article has been indexed from Securelist Read the original article: Maverick:…

Read more →

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk. This article has been indexed from Securelist Read the original article: Mysterious Elephant:…

Read more →

Kaspersky researchers identified over 2000 unique hashtags across 11,000 hacktivist posts on the surface web and the dark web to find out how hacktivist campaigns function and whom they target. This article has been indexed from Securelist Read the original…

Read more →

With the end of Windows 10 support approaching, we discuss which forensic artifacts in Windows 11 may be of interest. This article has been indexed from Securelist Read the original article: The king is dead, long live the king! Windows…

Read more →

An expert at the Kaspersky AI expertise center explains how the team developed a machine-learning model to identify DLL hijacking attacks. This article has been indexed from Securelist Read the original article: How we trained an ML model to detect…

Read more →

We will tell you how we integrated a DLL Hijacking detection model into the Kaspersky SIEM platform and how it helped us uncover several incidents in their early stages. This article has been indexed from Securelist Read the original article:…

Read more →

Kaspersky experts share insights into how AmCache may prove useful during incident investigation, and provide a command line tool to extract data from this artifact. This article has been indexed from Securelist Read the original article: Forensic journey: hunting evil…

Read more →

We dissect a recent incident where npm packages with millions of downloads were infected by the Shai-Hulud worm. Kaspersky experts describe the starting point for the source of the infection. This article has been indexed from Securelist Read the original…

Read more →