Announcement

Collapse
No announcement yet.

Articles

Collapse

CMS Home Page

  • Filter
  • Time
  • Show
Clear All
new posts

  • Energetic Bear/Crouching Yeti: attacks on servers

    Energetic Bear/Crouching Yeti: attacks on servers

    This report by Kaspersky Lab ICS CERT presents information on identified servers that have been infected and used by the Energetic Bear/Crouching Yeti group. The report also includes the findings of an analysis of several webservers compromised by the group during 2016 and in early 2017.

    More...
    See more | Go to post

  • Tens of thousands per Gram

    Tens of thousands per Gram

    In late 2017, information appeared on specialized resources about a Telegram ICO to finance the launch of its own blockchain platform. The lack of information provided fertile ground for scammers: the rumors prompted mailshots seemingly from official representatives of the platform, inviting people to take part in the ICO and purchase tokens.

    More...
    See more | Go to post

  • Leaking ads

    Leaking ads

    We found that because of third-party SDKs many popular apps are exposing user data to the internet, with advertising SDKs usually to blame. They collect user data so they can show relevant ads, but often fail to protect that data when sending it to their servers.

    More...
    See more | Go to post

  • Roaming Mantis uses DNS hijacking to infect Android smartphones

    Roaming Mantis uses DNS hijacking to infect Android smartphones

    In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. During our research we received some invaluable information about the true scale of this attack, we decided to call it ‘Roaming Mantis’.

    More...
    See more | Go to post

  • Operation Parliament, who is doing what?

    Operation Parliament, who is doing what?

    Kaspersky Lab has been tracking a series of attacks utilizing unknown malware since early 2017. The attacks appear to be geopolitically motivated and target high profile organizations. The objective of the attacks is clearly espionage – they involve gaining access to top legislative, executive and judicial bodies around the world.

    More...
    See more | Go to post

  • APT Trends report Q1 2018

    APT Trends report Q1 2018

    In the second quarter of 2017, Kaspersky’s Global Research and Analysis Team (GReAT) began publishing summaries of the quarter’s private threat intelligence reports in an effort to make the public aware of the research we have been conducting. This report serves as the next installment, focusing on the relevant activities that we observed during Q1 2018.

    More...
    See more | Go to post

  • Pocket cryptofarms

    Pocket cryptofarms

    In recent months, the topic of cryptocurrency has been a permanent news fixture — the value of digital money has been see-sawing spectacularly. Such pyrotechnics could hardly have escaped the attention of scammers, which is why cryptocurrency fluctuations have gone hand in hand with all kinds of stories. These include hacked exchanges, Bitcoin and Monero ransoms, and, of course, hidden mining.

    More...
    See more | Go to post

  • Your new friend, KLara

    Your new friend, KLara

    In R&D we use a lot of open-source projects and we believe giving back to the community is our way of saying ‘Thank you’. More and more security companies are releasing their open-source projects and we would like to contribute with our distributed YARA scanner.

    More...
    See more | Go to post

  • Threat Landscape for Industrial Automation Systems in H2 2017

    Threat Landscape for Industrial Automation Systems in H2 2017

    Kaspersky Lab ICS CERT publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017. The main objective of these publications is to provide information support to incident response teams, enterprise information security staff and researchers in the area of industrial facility security.

    More...
    See more | Go to post

  • Goodfellas, the Brazilian carding scene is after you

    Goodfellas, the Brazilian carding scene is after you

    There are three ways of doing things in the malware business: the right way, the wrong way and the way Brazilians do it. From the early beginnings, using skimmers on ATMs, compromising point of sales systems, or even modifying the hardware of processing devices, Latin America has been a fertile ground for collecting credit and debit cards en masse.

    More...
    See more | Go to post
There are no articles in this category.
  • Filter
  • Time
  • Show
Clear All
new posts
Please log in to your account to view your subscribed posts.

Categories

Collapse

Article Tags

Collapse

Latest Articles

Collapse

  • Calisto Trojan for macOS
    willie
    As researchers we interesting in developmental prototypes of malware that have had limited distribution or not even occurred in the wild. We recently came across one such sample: a macOS backdoor that we named Calisto.

    More...
    20-07-2018, 16:42
  • Online generators… of dashed expectations
    willie
    Quite recently, we started to designate an entire class of sites — gift card generators — as fraudulent, despite their not stealing any money or personal data from visitors. Why? Let's try to unpick these sites and see how they work.

    More...
    19-07-2018, 10:05
  • The return of Fantomas, or how we deciphered Cryakl
    willie
    This spring marked the fourth anniversary of the malware's first attacks. Against the backdrop of a general decline in ransomware activity (see our report), we decided to return to the topic of Cryakl and tell in detail about how one of the most eye-catching members of this endangered species evolved.

    More...
    17-07-2018, 13:10
  • In cryptoland, trust can be costly
    willie
    While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract vulnerabilities, and deploying malicious miners, cybercriminals are also resorting to more traditional social-engineering methods that can reap millions of dollars.

    More...
    15-07-2018, 10:59
  • Coinvault, the court case
    willie
    Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place, the hearings are open to the public. Meaning anyone who is interested can visit. And it was quite busy.

    More...
    13-07-2018, 18:03
  • APT Trends Report Q2 2018
    willie
    These summaries are a representative snapshot of what has been discussed in greater detail in our private reports during Q2 2018. They aim to highlight the significant events and findings that we feel people should be aware of.

    More...
    11-07-2018, 10:36
Working...
X