Category: Featured

Security Feeds, APT, Publications, Featured, Vulnerabilities and exploits, Cyber espionage, Targeted Attacks

An overview of targeted attacks and APTs on Linux

Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly true that Linux hasn’t faced the deluge of viruses, worms and Trojans faced by those running Windows systems over the years. However, there is certainly malware for Linux – including PHP…

RDP, Security Feeds, Malware Statistics, Publications, Featured, Malicious spam, Thematic phishing

Digital Education: The cyberrisks of the online classroom

This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning, it became clear that many were not ready for the kind of full-time, digital education now needed. Not all students had the technology that was required, from laptops to…

Security Feeds, Malware Statistics, Featured, Mobile Malware, Malware reports, Trojan Banker, Trojan-Dropper, Stalkerware, SMS Trojan

IT threat evolution Q2 2020. Mobile statistics

IT threat evolution Q2 2020. Review. IT threat evolution Q2 2020. PC statistics. These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures: According to Kaspersky Security Network, the second quarter saw: 1,245,894 detected malicious installers, of which 38,951 packages were related to mobile banking trojans; 3,805 packages proved to be mobile ransomware trojans. A total of 14,204,345 attacks on mobile devices were blocked. Quarterly highlights: In summing up the results of the…

Security Feeds, Malware Statistics, Financial malware, Internet of Things, Featured, Vulnerabilities and exploits, Malware reports, Miner, Apple MacOS, Vulnerability Statistics, Trojan-Dropper

IT threat evolution Q2 2020. PC statistics

IT threat evolution Q2 2020. Review. IT threat evolution Q2 2020. Mobile statistics. These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures: According to Kaspersky Security Network, in Q2: Kaspersky solutions blocked 899,744,810 attacks launched from online resources in 191 countries across the globe. As many as 286,229,445 unique URLs triggered Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the…

RDP, Security Feeds, Malware Descriptions, Featured, Targeted Attacks, Malware Technologies, Malware reports, exploit kits

IT threat evolution Q2 2020

IT threat evolution Q2 2020. PC statistics. IT threat evolution Q2 2020. Mobile statistics. Targeted attacks. PhantomLance: hiding in plain sight. In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps in Google Play and elsewhere. Dr Web first reported the malware in July 2019, but we decided to investigate because the Trojan was more sophisticated than most malware for stealing money…

Security Feeds, Featured, Vulnerabilities and exploits, Malware Technologies, Zero-day vulnerabilities, Microsoft Windows

Operation PowerFall: CVE-2020-0986 and variants

In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the exploit for Internet Explorer in the original blog post, we also promised to share more details about the elevation of privilege exploit in a follow-up post. Let’s take a look at vulnerability CVE-2020-0986, how it was exploited by…

Security Feeds, Malware Descriptions, APT, APT reports, Featured, Targeted Attacks, Google Android, Malware Technologies, RAT Trojan, Microsoft Office

Transparent Tribe: Evolution analysis, part 2

Background + Key findings: Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. In the last four years, this APT group has never taken time off. They continue to hit their targets, which typically are Indian military and government personnel. This is the second of two articles written to share the results of our recent investigations into Transparent Tribe. In the previous article, we described the various Crimson RAT…

Security Feeds, Malware Descriptions, APT reports, Featured, Targeted Attacks, Cybercrime, Malware Technologies, Spear Phishing

Lifting the veil on DeathStalker, a mercenary triumvirate

State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains capture our collective imagination. Yet these groups still aren’t likely to be a part of the risk model at most companies, nor should they be. Businesses today are faced with an array of much more immediate threats, from ransomware and customer information leaks, to competitors engaging in unethical business practices. In this blog post, we’ll be focusing on DeathStalker: a unique threat…

Security Feeds, Malware Descriptions, APT, Malware Statistics, APT reports, Featured, Worm, Targeted Attacks, Malware Technologies, RAT Trojan, Keyloggers, Transparent Tribe

Transparent Tribe: Evolution analysis, part 1

Background and key findings: Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group. We have periodically reported their activities through our APT threat intelligence reports, and subscribers of that service already know that in the last four years, this APT group has never taken time off. They…