Category: Securelist

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities with the community along with our fuzzer. This article has been indexed from Securelist…

Read more →

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024. This article has been indexed from Securelist Read the original article: Exploits and vulnerabilities in Q2 2024

Read more →

We explain how mainframes work, potential attack vectors, and what to focus on when pentesting such systems. This article has been indexed from Securelist Read the original article: Approach to mainframe penetration testing on z/OS

Read more →

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries. This article has been indexed from Securelist Read the original article: BlindEagle flying…

Read more →

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. This article has been indexed from Securelist Read the original article: Tusk: unraveling a complex infostealer campaign

Read more →

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. This article has been indexed from Securelist Read the original article: EastWind campaign: new CloudSorcerer attacks on government organizations in…

Read more →

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity. This article has been indexed from Securelist Read the original…

Read more →

We studied data from the internet and Kaspersky internal sources to find out how and why people use indirect prompt injection. This article has been indexed from Securelist Read the original article: Indirect prompt injection in the real world: how…

Read more →

Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2. This article has been indexed from Securelist Read the original article: LianSpy: new Android spyware targeting Russian users

Read more →

Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2. This article has been indexed from Securelist Read the original article: LianSpy: new Android spyware targeting Russian users

Read more →

Kaspersky researchers investigated three ransomware groups that tapped newly built malware samples based on Babuk, Lockbit, Chaos and others, while lacking professional resources. This article has been indexed from Securelist Read the original article: How “professional” ransomware variants boost cybercrime…

Read more →

Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play. This article has been indexed from Securelist Read the original article: Mandrake spyware sneaks onto Google Play again, flying under the…

Read more →

Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play This article has been indexed from Securelist Read the original article: Mandrake spyware sneaks onto Google Play again, flying under the…

Read more →

Kaspersky experts have discovered a new scheme that combines elements of spear and mass phishing This article has been indexed from Securelist Read the original article: When spear phishing met mass phishing

Read more →

How a SOC can efficiently manage priorities when writing detection logic for various MITRE ATT&CK techniques and what tools can help. This article has been indexed from Securelist Read the original article: Developing and prioritizing a detection engineering backlog based…

Read more →

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. This article has been indexed from Securelist Read the original article: CloudSorcerer – A new APT targeting Russian government…

Read more →

Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam. This article has been indexed from Securelist Read the original article: Cybersecurity in the SMB space — a growing threat

Read more →

Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam. This article has been indexed from Securelist Read the original article: Cybersecurity in the SMB space — a growing threat

Read more →

In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook. This article has been indexed from Securelist Read the original article: XZ backdoor: Hook analysis

Read more →

Kaspersky experts conducted a study of password resistance to attacks that use brute force and smart guessing techniques. This article has been indexed from Securelist Read the original article: Analysis of user password strength

Read more →