Tag: Securelist

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas. This article has been indexed from Securelist Read the original article: Cloud Atlas activity in the first…

Read more →

Kaspersky expert describes how DCOM interfaces can be abused to load malicious DLLs into memory using the Windows Registry and Control Panel. This article has been indexed from Securelist Read the original article: Yet another DCOM object for lateral movement

Read more →

Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices. This article has been indexed from Securelist Read the original article: Operation ForumTroll…

Read more →

Kaspersky researchers describe how they gained access to a vehicle’s head unit by exploiting a single vulnerability in its modem. This article has been indexed from Securelist Read the original article: God Mode On: how we attacked a vehicle’s head…

Read more →

Kaspersky researchers have discovered a new Android banking Trojan targeting Turkish users and posing as an app for accessing court case files via an official government webpage. The malware is being actively developed and may become MaaS in the future.…

Read more →

Kaspersky expert describes the Zigbee wireless protocol and presents two application-level attack vectors that allow Zigbee endpoints to be turned on and off. This article has been indexed from Securelist Read the original article: Turn me on, turn me off:…

Read more →

Kaspersky experts detail the journey of the victims’ data after a phishing attack. We break down the use of email-based phishing kits, Telegram bots, and customized administration panels. This article has been indexed from Securelist Read the original article: Following…

Read more →

We analyze the network activity of the Mythic framework, focusing on agent-to-C2 communication, and use signature and behavioral analysis to create detection rules for Network Detection and Response (NDR) solutions. This article has been indexed from Securelist Read the original…

Read more →

Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here’s what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed, and how to protect your systems. This article…

Read more →

Kaspersky researchers analyze changes in the lifespan of a shadow Telegram channel, blocks, and migration to other platforms. This article has been indexed from Securelist Read the original article: Goodbye, dark Telegram: Blocks are pushing the underground out

Read more →

Kaspersky researchers uncover a new version of the Shai Hulud npm worm, which is attacking targets in Russia, India, Brazil, China, and other countries, and has wiper features. This article has been indexed from Securelist Read the original article: Shai…

Read more →

This report provides statistical data on vulnerabilities published and exploits we researched during the third quarter of 2025. It also includes summary data on the use of C2 frameworks. This article has been indexed from Securelist Read the original article:…

Read more →

Kaspersky Security Bulletin contains statistics on various cyberthreats for the period from November 2024 to October 2025, which are based on anonymized data voluntarily provided by Kaspersky users via Kaspersky Security Network (KSN). This article has been indexed from Securelist…

Read more →

Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram. This article has been indexed from Securelist Read the original article: Tomiris wreaks Havoc: New tools…

Read more →

This article covers NTLM relay, credential forwarding, and other NTLM-related vulnerabilities and cyberattacks discovered in 2025. This article has been indexed from Securelist Read the original article: Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025

Read more →

How cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web. This article has been indexed from Securelist Read the original article: To buy or…

Read more →

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook. This article has been indexed from Securelist Read the original…

Read more →

This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025. This article has been indexed from Securelist Read the original article: Inside…

Read more →

Kaspersky GReAT experts discovered a new campaign featuring the Tsundere botnet. Node.js-based bots abuse web3 smart contracts and are spread via MSI installers and PowerShell scripts. This article has been indexed from Securelist Read the original article: Blockchain and Node.js…

Read more →

The report features statistics on mobile threats for the third quarter of 2025, along with interesting findings and trends from the quarter, including an increase in ransomware activity in Germany, and more. This article has been indexed from Securelist Read…

Read more →