Tag: Securelist

A close look at the utilities, techniques, and infrastructure used by the hacktivist group Crypt Ghouls has revealed links to groups such as Twelve, BlackJack, etc. This article has been indexed from Securelist Read the original article: Analysis of the…

Read more →

In this article we solve the most difficult SAS CTF challenge based on the APT technique to introduce and persist a kernel shellcode on Windows 7. This article has been indexed from Securelist Read the original article: SAS CTF and…

Read more →

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques. This article has been indexed from Securelist Read the original article: Beyond the Surface: the evolution and expansion of the SideWinder APT group

Read more →

The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on. This article has been indexed from Securelist Read the original article: Whispers from the Dark…

Read more →

Kaspersky experts have discovered a new version of the APT Awaken Likho RAT Trojan, which uses AutoIt scripts and the MeshCentral system to target Russian organizations. This article has been indexed from Securelist Read the original article: Awaken Likho is…

Read more →

Kaspersky experts have discovered a new version of the APT Awaken Likho RAT Trojan, which uses AutoIt scripts and the MeshCentral system to target Russian organizations. This article has been indexed from Securelist Read the original article: Awaken Likho is…

Read more →

Malicious actors are spreading miners through fake websites with popular software, Telegram channels and YouTube, installing Wazuh SIEM agent on victims’ devices for persistence. This article has been indexed from Securelist Read the original article: Scam Information and Event Management

Read more →

How Kaspersky implemented machine learning for threat hunting in Kaspersky Security Network (KSN) global threat data. This article has been indexed from Securelist Read the original article: Finding a needle in a haystack: Machine learning at the forefront of threat…

Read more →

Kaspersky experts studied the activity of Key Group, which utilizes publicly available builders for ransomware and wipers, as well as GitHub and Telegram. This article has been indexed from Securelist Read the original article: Key Group: another ransomware group using…

Read more →

In this report, we share statistics on threats to industrial control systems in Q2 2024, including statistics by region, industry, malware and other threat types. This article has been indexed from Securelist Read the original article: Threat landscape for industrial…

Read more →

An investigation of BlackJack’s software, TTPs, and motivations led Kaspersky experts to identify a possible connection with the Twelve group. This article has been indexed from Securelist Read the original article: From 12 to 21: how we discovered connections between…

Read more →

Kaspersky experts review Do Not Track (DNT) statistics for the most widely used web tracking services in 2023 and 2024 operated by companies like Google, Microsoft, etc. This article has been indexed from Securelist Read the original article: Web tracking…

Read more →

Kaspersky experts have discovered a new version of the Necro Trojan, which has attacked tens of thousands of Android devices through Google Play and Spotify and WhatsApp mods. This article has been indexed from Securelist Read the original article: How…

Read more →

Analysis of Twelve’s activities using the Unified Kill Chain method: from initial access to deployment of LockBit- and Chaos-based ransomware and wipers. This article has been indexed from Securelist Read the original article: -=TWELVE=- is back

Read more →

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy This article has been indexed from Securelist Read the original article: Exotic SambaSpy is now dancing with Italian users

Read more →

Kaspersky experts have discovered a new version of the Loki agent for the open-source Mythic framework, which uses DLLs to attack Russian companies. This article has been indexed from Securelist Read the original article: Loki: a new private agent for…

Read more →

Kaspersky experts have discovered a new version of the Loki agent for the open-source Mythic framework, which uses DLLs to attack Russian companies. This article has been indexed from Securelist Read the original article: Loki: a new private agent for…

Read more →

Kaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East. This article has been indexed from Securelist Read…

Read more →

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. This article has been indexed from Securelist Read the original article: Mallox ransomware: in-depth analysis and evolution

Read more →

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. This article has been indexed from Securelist Read the original article: A deep dive into the…

Read more →