The report contains statistics on various threats detected and blocked on ICS computers in Q3 2025, including miners, ransomware, spyware, etc. This article has been indexed from Securelist Read the original article: Threat landscape for industrial automation systems in Q3…
Tag: Securelist
Evasive Panda APT poisons DNS requests to deliver MgBot
Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.
Assessing SIEM effectiveness
We share the results of assessing the effectiveness of Kaspersky SIEM in real-world infrastructures and explore common challenges and solutions to these.
From cheats to exploits: Webrat spreading via GitHub
We dissect the new Webrat campaign where the Trojan spreads via GitHub repositories, masquerading as critical vulnerability exploits to target cybersecurity researchers.
Cloud Atlas activity in the first half of 2025: what changed
Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.
Yet another DCOM object for lateral movement
Kaspersky expert describes how DCOM interfaces can be abused to load malicious DLLs into memory using the Windows Registry and Control Panel.
Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.
God Mode On: how we attacked a vehicle’s head unit modem
Kaspersky researchers describe how they gained access to a vehicle’s head unit by exploiting a single vulnerability in its modem.
Frogblight threatens you with a court case: a new Android banker targets Turkish users
Kaspersky researchers have discovered a new Android banking Trojan targeting Turkish users and posing as an app for accessing court case files via an official government webpage. The malware is being actively developed and may become MaaS in the future.…
Turn me on, turn me off: Zigbee assessment in industrial environments
Kaspersky expert describes the Zigbee wireless protocol and presents two application-level attack vectors that allow Zigbee endpoints to be turned on and off.
Following the digital trail: what happens to data stolen in a phishing attack
Kaspersky experts detail the journey of the victims’ data after a phishing attack. We break down the use of email-based phishing kits, Telegram bots, and customized administration panels.
Hunting for Mythic in network traffic
We analyze the network activity of the Mythic framework, focusing on agent-to-C2 communication, and use signature and behavioral analysis to create detection rules for Network Detection and Response (NDR) solutions.
It didn’t take long: CVE-2025-55182 is now under active exploitation
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here’s what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed, and how to protect your systems.
Goodbye, dark Telegram: Blocks are pushing the underground out
Kaspersky researchers analyze changes in the lifespan of a shadow Telegram channel, blocks, and migration to other platforms.
Shai Hulud 2.0, now with a wiper flavor
Kaspersky researchers uncover a new version of the Shai Hulud npm worm, which is attacking targets in Russia, India, Brazil, China, and other countries, and has wiper features.
Exploits and vulnerabilities in Q3 2025
This report provides statistical data on vulnerabilities published and exploits we researched during the third quarter of 2025. It also includes summary data on the use of C2 frameworks.
Kaspersky Security Bulletin 2025. Statistics
Kaspersky Security Bulletin contains statistics on various cyberthreats for the period from November 2024 to October 2025, which are based on anonymized data voluntarily provided by Kaspersky users via Kaspersky Security Network (KSN).
Tomiris wreaks Havoc: New tools and techniques of the APT group
Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.
Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
This article covers NTLM relay, credential forwarding, and other NTLM-related vulnerabilities and cyberattacks discovered in 2025.
To buy or not to buy: How cybercriminals capitalize on Black Friday
How cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web.