Attackers put phishing HTML files in IPFS thus cutting back on web hosting costs. IPFS is used in both mass phishing and targeted (spearphishing) campaigns. This article has been indexed from Securelist Read the original article: How scammers employ IPFS…
Category: Securelist
Understanding metrics to measure SOC effectiveness
How do we ensure the services being provided by SOCs are meeting expectations? How do we know continuous improvement is being incorporated in daily operations? The answer lies in the measurement of SOC internal processes and services. This article has…
Developing an incident response playbook
Incident response playbooks help optimize the SOC processes, and are a major step forward to SOC maturity, but can be challenging for a company to develop. In this article, I want to share some insights on how to create the…
Bad magic: new APT found in the area of Russo-Ukrainian conflict
In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions. This article has been indexed from Securelist Read the original article: Bad magic: new APT found in the…
Business on the dark web: deals and regulatory mechanisms
How deals and arrangements are made on the dark web, what parties are involved, what escrow services and arbitration are and how these affect the security of deals. This article has been indexed from Securelist Read the original article: Business…
Malvertising through search engines
Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys. This article has been indexed from Securelist Read the original article: Malvertising through search engines
The state of stalkerware in 2022
In 2022, Kaspersky data shows that 29,312 unique individuals around the world were affected by stalkerware. We detected 182 different stalkerware apps, the most popular one was Reptilicus. This article has been indexed from Securelist Read the original article: The…
Threat landscape for industrial automation systems for H2 2022
In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%. This article has been indexed from Securelist Read the original article: Threat landscape…
The mobile malware threat landscape in 2022
Android threat report by Kaspersky for 2022: malware on Google Play and inside the Vidmate in-app store, mobile malware statistics. This article has been indexed from Securelist Read the original article: The mobile malware threat landscape in 2022
IoC detection experiments with ChatGPT
We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains. This article has been indexed from Securelist…
Spam and phishing in 2022
Statistics on spam and phishing with the key trends in 2022: two-stage spear phishing, hijacking of social network and instant messaging accounts, import substitution, and survey phishing. This article has been indexed from Securelist Read the original article: Spam and…
IoC detection experiments with ChatGPT
We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains. This article has been indexed from Securelist…
Good, Perfect, Best: how the analyst can enhance penetration testing results
What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project? This article has been indexed from Securelist Read the original article: Good, Perfect,…
Web beacons on websites and in e-mail
Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and why. This article has been indexed from Securelist Read the original article: Web beacons on websites and in e-mail
Web beacons on websites and in e-mail
Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and why. This article has been indexed from Securelist Read the original article: Web beacons on websites and in e-mail
Prilex modification now targeting contactless credit card transactions
Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected device. This article has been indexed from Securelist Read the original article: Prilex modification now targeting contactless credit card transactions
Prilex modification now targeting contactless credit card transactions
Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected device. This article has been indexed from Securelist Read the original article: Prilex modification now targeting contactless credit card transactions
Come to the dark side: hunting IT professionals on the dark web
We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like. This article has been indexed from Securelist Read the original article: Come to the dark…
What your SOC will be facing in 2023
Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023? This article has been indexed from Securelist Read the original article: What your SOC will be facing in…
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o. This article…
What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks
Kaspersky’s predictions about the threats to corporations in 2023: media blackmail, fake leaks, cloud attacks, and more advanced ransomware. This article has been indexed from Securelist Read the original article: What threatens corporations in 2023: media blackmail, fake leaks and…
How much security is enough?
A common perception in the infosec community is that there can never be too much security, but it is understood that “too much” security is expensive — and sometimes, prohibitively so — from a business perspective. So, where is that fine line…