Category: Securelist

We performed the security analysis of a Telit Cinterion modem in course of a bigger project of security assessment of a popular model of a truck and found eight vulnerabilities. This article has been indexed from Securelist Read the original…

Read more →

The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities found in it. This article has been indexed from Securelist Read the original article: QR code SQL injection and other vulnerabilities…

Read more →

Explaining how scammers use phishing and OTP bots to gain access to accounts protected with 2FA. This article has been indexed from Securelist Read the original article: Bypassing 2FA with phishing and OTP bots

Read more →

In this report, Kaspersky shares non-mobile malware statistics for Q1 2024, including ransomware, miner and macOS malware statistics. This article has been indexed from Securelist Read the original article: IT threat evolution in Q1 2024. Non-mobile statistics

Read more →

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant. This article has been indexed from…

Read more →

Mobile malware statistics for Q1 2024: most common threats for Android, mobile banking Trojans, and ransomware Trojans. This article has been indexed from Securelist Read the original article: IT threat evolution in Q1 2024. Mobile statistics

Read more →

We analyze the tactics and techniques of attackers targeting organizations through trusted relationships – that is, through contractors and external IT service providers. This article has been indexed from Securelist Read the original article: Trusted relationship attacks: trust, but verify

Read more →

Here’s how scams target buyers and sellers on online message boards, and how the gangs behind them operate. This article has been indexed from Securelist Read the original article: Message board scams

Read more →

In this report Kaspersky ICS CERT shares statistics on threats blocked on ICS computers globally and in separate regions in Q1 2024: share of attacked computers, most affected industries, most common types of threats. This article has been indexed from…

Read more →

The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. This article…

Read more →

This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration. This article has been indexed from Securelist Read the original article: A journey into forgotten Null Session and MS-RPC interfaces

Read more →

In this report, we discuss two new stealers: Acrid and ScarletStealer, and an evolution of the known Sys01 stealer, with the latter two dividing stealer functionality across several modules. This article has been indexed from Securelist Read the original article:…

Read more →

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations. This article has been indexed from Securelist Read the original article: Incident response analyst report 2023

Read more →

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. This article…

Read more →

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. This article…

Read more →

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations. This article has been indexed from Securelist Read the original article: Incident response analyst report 2023

Read more →

The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity. This article has been indexed from Securelist Read the original article: APT trends report Q1…

Read more →

As Anti-Ransomware Day approaches, Kaspersky shares insights into the ransomware threat landscape and trends in 2023, and recent anti-ransomware activities by governments and law enforcement. This article has been indexed from Securelist Read the original article: State of ransomware in…

Read more →

The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024. This article has been indexed from Securelist Read the original article: Exploits and vulnerabilities in Q1 2024

Read more →

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware. This article has been indexed from Securelist Read the original article: Financial cyberthreats in 2023

Read more →