Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of users and businesses were increasingly targeted by cybercriminals. While we were adjusting to remote work and the rest of the new conditions, so were scammers. As a result, 2020 was extremely eventful in terms of digital […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…DDoS attacks in Q3 2020
News overview Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to master techniques and develop malware already familiar to us from the last reporting period. For example, another DDoS botnet joined in the assault on Docker environments. The perpetrators infiltrated the target server, created an infected […] more…IT threat evolution Q1 2020. Statistics
These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognized as malicious by Web Anti-Virus components. […] more…Cyberthreats to financial institutions 2020: Overview and predictions
Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions 5G technology predictions 2020 Corporate security prediction 2020 Key events 2019 Large-scale anti-fraud bypass: Genesis digital fingerprints market uncovered Multi-factor authentication (MFA) and biometric challenges Targeted attack groups specializing in financial institutions: splitting and globalization ATM malware becomes […] more…Russian-speaking cybercrime evolution: What changed from 2016 to 2021
Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that […] more…IT threat evolution in Q2 2021. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures In Q2 2021, according to data from Kaspersky Security Network: 14,465,672 malware, adware and riskware attacks were prevented. The largest share of all detected threats accrued to RiskTool programs — 38.48%. 886,105 malicious installation […] more…Andariel evolves to target South Korea with ransomware
Executive summary In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. While we were doing our research into these findings, Malwarebytes published a nice report with technical details about the same series of attacks, which they attributed to […] more…Gootkit: the cautious Trojan
Gootkit is complex multi-stage banking malware that was discovered for the first time by Doctor Web in 2014. Initially it was distributed via spam and exploits kits such as Spelevo and RIG. In conjunction with spam campaigns, the adversaries later switched to compromised websites where the visitors are tricked into downloading the malware. Gootkit is […] more…APT trends report Q1 2021
For four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed […] more…VirusTotal Multisandbox += Sangfor ZSand
VirusTotal multisandbox project welcomes Sangfor ZSand. The ZSand currently focuses on PE files,with extensions to other popular file types like javascript and Microsoft office to be released soon. In their own words: ZSand, developed by Sangfor Technologies’ Cloud Computing & Security Team, is an agentless behavioral analysis engine incorporating multiple innovative techniques. At the systems […] more…What did DeathStalker hide between two ferns?
DeathStalker is a threat actor who has been active starting 2012 at least, and we exposed most of his past activities in a previous article, as well as during a GREAT Ideas conference in August 2020. The actor draught our attention in 2018, because of distinctive attacks characteristics that did not fit the usual cybercrime […] more…How Unsecure gRPC Implementations Can Compromise APIs, Applications
By David Fiser (Security Researcher) Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently manage infrastructure, easily deploy updates or improvements, and help IT teams innovate, fail, and learn faster. It also allows enterprises to craft applications that can easily scale with demand. Additionally, as enterprises switch architectures — […] more…Internet Explorer and Windows zero-day exploits used in Operation PowerFall
Executive summary In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for […] more…The Tetrade: Brazilian banking malware goes global
Introduction Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts’ in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited their […] more…Pig in a poke: smartphone adware
Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants itself in the system partition, and trying to get rid of it can lead to […] more…More information
- TSM Server Slowness
- $66 billion deal for Nvidia to purchase Arm collapses
- Voice-activated drone, baby monitor win Amazon’s IoT contest
- The real concerns about artificial intelligence
- Swedish judge says US extradition unlikely if Assange shows
- Kevin Mandia to Talk About Fighting Hackers at Code/Enterprise
- Corporate Espionage Group ‘RedCurl’ Targeted at Least 14 Organizations
- How to read the minds of strangers.. just by using Facebook [VIDEO]
- Global Community Service Day 2018: Together for good
- Update: UCS 502 Errors