Category: Securelist

Holy water: ongoing targeted water-holing attack in Asia

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings.

Hunting APTs with YARA

If you have wondered how to leverage YARA better and how to achieve a new level of knowledge in APT detection, mitigation and response, we can help a bit with a preview of the secret ingredients.

MonitorMinor: vicious stalkerware?

The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality.

MonitorMinor: vicious stalkerware

The other day, our Android traps ensnared an interesting specimen of stalkerware. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality.

Cookiethief: a cookie-stealing Trojan for Android

We recently discovered a new strain of Android malware. Trojan-Spy.AndroidOS.Cookiethief turned out to be quite simple. Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the…

Roaming Mantis, part V

Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets are continuously being added in order to steal more funds.

Mobile malware evolution 2019

In 2019, Kaspersky mobile products and technologies detected 3,503,952 malicious installation packages, 69,777 new mobile banking Trojans and 68,362 new mobile ransomware Trojans.

AZORult spreads as a fake ProtonVPN installer

We discovered what appears to be one of AZORult’s most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows.

DDoS attacks in Q4 2019

It is striking that in the last quarter of the year the number of attacks and of command servers was much lower, while the number of very long attacks (over 400 hours) exceeds historical levels.

KBOT: sometimes they come back

We recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, a virus. It is the first “living” virus in recent years that we have spotted in the wild. We named it KBOT.  …

Happy New Fear! Gift-wrapped spam and phishing

Shortly before Christmas and New Year scammers send themed spam, and offer fake sales, promotions, and payouts.

Shlayer Trojan attacks one in ten macOS users

For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once.

Smartphone shopaholic

Cybercriminals use Trojan-Dropper.AndroidOS.Shopper.a to boost certain apps’ ratings and increase the number of installations and registrations. All this can be used, among other things, to dupe advertisers.

Operation AppleJeus Sequel

To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk.