Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable of both crypto mining and stealing banking data. This article has been indexed from Securelist Read the original article:…
Tag: Securelist
Exploits and vulnerabilities in Q4 2025
This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use of C2 frameworks in APT attacks.
Mobile malware evolution in 2025
Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the Kimwolf IoT botnet, and Mamont banking Trojans.
Arkanix Stealer: a C++ & Python infostealer
Kaspersky researchers analyze a C++ and Python stealer dubbed “Arkanix Stealer”, which was active for several months, targeted a wide range of data, was distributed as MaaS, and offered a referral program to its partners.
Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets
Kaspersky experts have uncovered Keenadu, a sophisticated new backdoor targeting tablet firmware as well as system-level and Google Play apps. They also revealed connections between the world’s most prolific Android botnets.
The game is over: when “free” comes at too high a price. What we know about RenEngine
We disclose new details about campaigns involving RenEngine and HijackLoader malware. Since March 2025, attackers have been distributing the Lumma stealer in a complex chain of infections, and in February 2026, ongoing attacks using ACR Stealer became known.
Spam and phishing in 2025
The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lures and others.
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT.
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
Kaspersky GReAT experts discovered previously undocumented infection chains used in the Notepad++ supply chain attacks. The article provides new IoCs related to those incidents, which employ DLL sideloading and Cobalt Strike Beacon delivery.
Supply chain attack on eScan antivirus: detecting and remediating malicious updates
On January 20, Kaspersky solutions detected malware used in the eScan antivirus supply chain attack. In this article, we provide the available information on the threat: indicators of compromise, threat hunting and mitigation tips, etc.
HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
Kaspersky researchers analyze the updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.
Threat landscape for industrial automation systems in Q3 2025
The report contains statistics on various threats detected and blocked on ICS computers in Q3 2025, including miners, ransomware, spyware, etc.
Evasive Panda APT poisons DNS requests to deliver MgBot
Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.
Assessing SIEM effectiveness
We share the results of assessing the effectiveness of Kaspersky SIEM in real-world infrastructures and explore common challenges and solutions to these.
From cheats to exploits: Webrat spreading via GitHub
We dissect the new Webrat campaign where the Trojan spreads via GitHub repositories, masquerading as critical vulnerability exploits to target cybersecurity researchers.
Cloud Atlas activity in the first half of 2025: what changed
A Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.
Yet another DCOM object for lateral movement
A Kaspersky expert describes how DCOM interfaces can be abused to load malicious DLLs into memory using the Windows Registry and Control Panel.
Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.
God Mode On: how we attacked a vehicle’s head unit modem
Kaspersky researchers describe how they gained access to a vehicle’s head unit by exploiting a single vulnerability in its modem.