Kaspersky Security Bulletin 2018. Top security stories
Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of […] more…Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
By Miguel Ang and Donald Castillo As cybersecurity defenses continue to improve, cybercriminals have learned to become more creative with malware. We recently encountered threats being packaged inside old yet rarely used file types in spam campaigns. Spam continues to be a cybercriminal favorite – this old-school infection vector makes up more than 48 percent […] more…Spam and phishing in Q1 2018
Quarterly highlights Data leaks Early 2018 will be remembered for a series of data leak scandals. The most high-profile saw Facebook CEO Mark Zuckerberg grilled by US Congress, with many public figures supporting the Delete Facebook campaign. As a result, Zuckerberg promised to get tough and make it more difficult to harvest data from third-party […] more…Inside of the WASP’s nest: deep dive into PyPI-hosted malware
Photo by Matheus Queiroz on Unsplash In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […] more…APT43: An investigation into the North Korean group’s cybercrime operations
Introduction As recently reported by our Mandiant’s colleagues, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […] more…Russian-speaking cybercrime evolution: What changed from 2016 to 2021
Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that […] more…Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of users and businesses were increasingly targeted by cybercriminals. While we were adjusting to remote work and the rest of the new conditions, so were scammers. As a result, 2020 was extremely eventful in terms of digital […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud
By Lorin Wu (Mobile Threats Analyst) We recently discovered several malicious optimizer, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…More information
- European Oil Port Terminals Hit by Cyberattack
- Google Offers $31,337 for RCE Vulnerabilities
- CEOs and Coffee Shops Are Mobile Computing’s Biggest Risks: Report
- EU Court Slaps Down UK’s Investigatory Powers Act
- Ransomware Attack Hits Nantucket, Martha’s Vineyard Ferry Service
- CHIPSEC Support against Vault 7 disclosure scanning
- Hack-proof RFID chips
- Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
- Signal and other video chat apps found to have some major security flaws
- Resolved: Canvas Login Issue