Tag: Securelist

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant. This article has been indexed from…

Read more →

Mobile malware statistics for Q1 2024: most common threats for Android, mobile banking Trojans, and ransomware Trojans. This article has been indexed from Securelist Read the original article: IT threat evolution in Q1 2024. Mobile statistics

Read more →

We analyze the tactics and techniques of attackers targeting organizations through trusted relationships – that is, through contractors and external IT service providers. This article has been indexed from Securelist Read the original article: Trusted relationship attacks: trust, but verify

Read more →

Here’s how scams target buyers and sellers on online message boards, and how the gangs behind them operate. This article has been indexed from Securelist Read the original article: Message board scams

Read more →

In this report Kaspersky ICS CERT shares statistics on threats blocked on ICS computers globally and in separate regions in Q1 2024: share of attacked computers, most affected industries, most common types of threats. This article has been indexed from…

Read more →

The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. This article…

Read more →

This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration. This article has been indexed from Securelist Read the original article: A journey into forgotten Null Session and MS-RPC interfaces

Read more →

In this report, we discuss two new stealers: Acrid and ScarletStealer, and an evolution of the known Sys01 stealer, with the latter two dividing stealer functionality across several modules. This article has been indexed from Securelist Read the original article:…

Read more →

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations. This article has been indexed from Securelist Read the original article: Incident response analyst report 2023

Read more →

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. This article…

Read more →

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QuakBot and other malware. This article…

Read more →

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations. This article has been indexed from Securelist Read the original article: Incident response analyst report 2023

Read more →

The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity. This article has been indexed from Securelist Read the original article: APT trends report Q1…

Read more →

As Anti-Ransomware Day approaches, Kaspersky shares insights into the ransomware threat landscape and trends in 2023, and recent anti-ransomware activities by governments and law enforcement. This article has been indexed from Securelist Read the original article: State of ransomware in…

Read more →

The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024. This article has been indexed from Securelist Read the original article: Exploits and vulnerabilities in Q1 2024

Read more →

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware. This article has been indexed from Securelist Read the original article: Financial cyberthreats in 2023

Read more →

The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their distribution among MDR customers. This article has been indexed from Securelist Read the original article: Managed Detection and Response…

Read more →

The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their distribution among MDR customers. This article has been indexed from Securelist Read the original article: Managed Detection and Response…

Read more →

In this article we analyze social engineering aspects of the XZ backdoor incident. Namely pressuring the XZ maintainer to pass on the project to Jia Cheong Tan, and then urging major downstream maintainers to commit the backdoored code to their…

Read more →

We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts. This article has been indexed from Securelist Read the original article: ToddyCat is…

Read more →