Announcement

Collapse
No announcement yet.

Articles

Collapse

CMS Home Page

  • Filter
  • Time
  • Show
Clear All
new posts

  • ShadowPad in corporate networks

    ShadowPad in corporate networks

    In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.

    More...
    See more | Go to post

  • APT Trends report Q2 2017

    APT Trends report Q2 2017

    Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors.

    More...
    See more | Go to post

  • The return of Mamba ransomware

    The return of Mamba ransomware

    At the end of 2016, there was a major attack against San Francisco's Municipal Transportation Agency. The attack was done using Mamba ransomware. This month, we noted that the group behind this ransomware has resumed their attacks against corporations.

    More...
    See more | Go to post

  • Steganography in contemporary cyberattacks

    Steganography in contemporary cyberattacks

    Today, a dangerous new trend is emerging: steganography is increasingly being used by actors creating malware and cyber-espionage tools. Most modern anti-malware solutions provide little, if any, protection from steganography, while any carrier in which a payload can be secretly carried poses a potential threat.

    More...
    See more | Go to post

  • DDoS attacks in Q2 2017

    DDoS attacks in Q2 2017

    The second quarter quite clearly showed that the DDoS-attack threat is perceived rather seriously. Some companies were prepared to pay cybercriminals literally after their first demand without waiting for the attack itself. This set off a whole new wave of fraud involving money extortion under threat of a DDoS attack, also known as “ransom DDoS”.

    More...
    See more | Go to post

  • A new era in mobile banking Trojans

    A new era in mobile banking Trojans

    In mid-July 2017, we found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services.

    More...
    See more | Go to post

  • Spring Dragon – Updated Activity

    Spring Dragon – Updated Activity

    In the beginning of 2017, Kaspersky Lab became aware of new activities by an APT actor we have been tracking for several years called Spring Dragon (also known as LotusBlossom). Information about the new attacks arrived from a research partner in Taiwan and we decided to review the actor’s tools, techniques and activities.

    More...
    See more | Go to post

  • CowerSnail, from the creators of SambaCry

    CowerSnail, from the creators of SambaCry

    We recently reported about SambaCry, a new family of Linux Trojans exploiting a vulnerability in the Samba protocol. A week later, Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry.

    More...
    See more | Go to post

  • A King’s Ransom It is Not

    A King’s Ransom It is Not

    The first half of 2017 began with two intriguing ransomware events, both partly enabled by wormable exploit technology dumped by a group calling themselves “The ShadowBrokers”. These WannaCry and ExPetr ransomware events are the biggest in the sense that they spread the quickest and most effectively of known ransomware to date.

    More...
    See more | Go to post

  • The NukeBot banking Trojan: from rough drafts to real threats

    The NukeBot banking Trojan: from rough drafts to real threats

    This spring, the author of the NukeBot banking Trojan published the source code of his creation. Now, three months after the source code was published, we decided to have a look at what has changed in the banking malware landscape.

    More...
    See more | Go to post
There are no articles in this category.
  • Filter
  • Time
  • Show
Clear All
new posts
Please log in to your account to view your subscribed posts.

Categories

Collapse

Article Tags

Collapse

Latest Articles

Collapse

  • ShadowPad in corporate networks
    willie
    In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.

    More...
    Yesterday, 10:43 PM
  • APT Trends report Q2 2017
    willie
    Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide-range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors.

    More...
    08-10-2017, 12:16 PM
  • The return of Mamba ransomware
    willie
    At the end of 2016, there was a major attack against San Francisco's Municipal Transportation Agency. The attack was done using Mamba ransomware. This month, we noted that the group behind this ransomware has resumed their attacks against corporations.

    More...
    08-09-2017, 07:18 PM
  • Steganography in contemporary cyberattacks
    willie
    Today, a dangerous new trend is emerging: steganography is increasingly being used by actors creating malware and cyber-espionage tools. Most modern anti-malware solutions provide little, if any, protection from steganography, while any carrier in which a payload can be secretly carried poses a potential threat.

    More...
    08-03-2017, 10:54 PM
  • DDoS attacks in Q2 2017
    willie
    The second quarter quite clearly showed that the DDoS-attack threat is perceived rather seriously. Some companies were prepared to pay cybercriminals literally after their first demand without waiting for the attack itself. This set off a whole new wave of fraud involving money extortion under threat of a DDoS attack, also known as “ransom DDoS”.

    More...
    08-01-2017, 05:23 PM
  • A new era in mobile banking Trojans
    willie
    In mid-July 2017, we found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services.

    More...
    07-31-2017, 02:20 PM
Working...
X