Category: Securelist

We analyze the built-in protection mechanisms in macOS: how they work, how threat actors can attack them or deceive users, and how to detect such attacks. This article has been indexed from Securelist Read the original article: How attackers adapt…

Read more →

This report provides statistical data on published vulnerabilities and exploits we researched in Q2 2025. It also includes summary data on the use of C2 frameworks. This article has been indexed from Securelist Read the original article: Exploits and vulnerabilities…

Read more →

Modern vehicles, their current and future threats, and approaches to automotive cybersecurity. This article has been indexed from Securelist Read the original article: Modern vehicle cybersecurity trends

Read more →

Kaspersky experts analyze GodRAT, a new Gh0st RAT-based tool attacking financial firms. It is likely a successor of the AwesomePuppet RAT connected to the Winnti group. This article has been indexed from Securelist Read the original article: GodRAT – New…

Read more →

Kaspersky experts analyze GodRAT, a new Gh0st RAT-based tool attacking financial firms. It is likely a successor of the AwesomePuppet RAT connected to the Winnti group. This article has been indexed from Securelist Read the original article: GodRAT – New…

Read more →

We examine the evolution of the PipeMagic backdoor and the TTPs of its operators – from the RansomExx incident in 2022 to attacks in Brazil and Saudi Arabia, and the exploitation of CVE-2025-29824 in 2025. This article has been indexed…

Read more →

Common tactics in phishing and scams in 2025: learn about the use of AI and deepfakes, phishing via Telegram, Google Translate and Blob URLs, biometric data theft, and more. This article has been indexed from Securelist Read the original article:…

Read more →

The Efimer Trojan spreads through email and hacked WordPress websites, steals cryptocurrency, and substitutes wallets in the clipboard. This article has been indexed from Securelist Read the original article: Scammers mass-mailing the Efimer Trojan to steal crypto

Read more →

In an incident response case, Kaspersky experts discovered new malware that terminates AV processes by abusing the legitimate ThrottleStop driver. Kaspersky solutions successfully counter and detect this threat. This article has been indexed from Securelist Read the original article: Driver…

Read more →

A campaign targeting Russian entities leveraged social media, Microsoft Learn Challenge, Quora, and GitHub as intermediate C2 servers to deliver Cobalt Strike Beacon. This article has been indexed from Securelist Read the original article: Cobalt Strike Beacon delivered via GitHub…

Read more →

A campaign targeting Russian entities leveraged social media, Microsoft Learn Challenge, Quora, and GitHub as intermediate C2 servers to deliver Cobalt Strike Beacon. This article has been indexed from Securelist Read the original article: Cobalt Strike Beacon delivered via GitHub…

Read more →

Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected. This article has been indexed from Securelist Read the original article: ToolShell: a story of five…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: The SOC files: Rumble in the jungle or APT41’s new target…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: The SOC files: Rumble in the jungle or APT41’s new target…

Read more →

Kaspersky experts analyze an incident that saw APT41 launch a targeted attack on government IT services in Africa. This article has been indexed from Securelist Read the original article: Rumble in the jungle: APT41’s new target in Africa

Read more →

In an incident response case in Asia, Kaspersky researchers discovered a new backdoor for Microsoft Exchange servers, based on open-source tools and dubbed “GhostContainer”. This article has been indexed from Securelist Read the original article: GhostContainer backdoor: malware compromising Exchange…

Read more →

A Kaspersky GERT expert describes the UserAssist Windows artifact, including previously undocumented binary data structure, and shares a useful parsing tool. This article has been indexed from Securelist Read the original article: Forensic journey: Breaking down the UserAssist artifact structure

Read more →

Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer. This article has been indexed from Securelist Read the original article: Code highlighting with Cursor AI for $500,000

Read more →

Kaspersky experts have discovered a new spyware called Batavia, which steals data from corporate devices. This article has been indexed from Securelist Read the original article: Batavia spyware steals data from Russian organizations

Read more →

We have explored the RACF security package in z/OS and developed a utility to interact with its database. Now, we are assessing RACF configuration security for penetration testing. This article has been indexed from Securelist Read the original article: Approach…

Read more →