Same Old yet Brand-new: New File Types Emerge in Malware Spam Attachments
By Miguel Ang and Donald Castillo As cybersecurity defenses continue to improve, cybercriminals have learned to become more creative with malware. We recently encountered threats being packaged inside old yet rarely used file types in spam campaigns. Spam continues to be a cybercriminal favorite – this old-school infection vector makes up more than 48 percent […] more…CVE-2014-8439 Vulnerability: Trend Micro Solutions Ahead of the Game
Last November 25, Adobe issued an out-of-band patch for the CVE-2014-8439 vulnerability, which impacts Adobe Flash Player versions on Windows, Mac OS, and Linux. Adobe’s advisory describes this vulnerability as a “de-referenced memory pointer that could lead to code execution.” Despite efforts by Adobe to quickly patch their software vulnerabilities, we noticed that exploit kit […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud
By Lorin Wu (Mobile Threats Analyst) We recently discovered several malicious optimizer, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious […] more…Kaspersky Security Bulletin 2018. Top security stories
Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of […] more…Spam and phishing in Q1 2018
Quarterly highlights Data leaks Early 2018 will be remembered for a series of data leak scandals. The most high-profile saw Facebook CEO Mark Zuckerberg grilled by US Congress, with many public figures supporting the Delete Facebook campaign. As a result, Zuckerberg promised to get tough and make it more difficult to harvest data from third-party […] more…Ztorg: money for infecting your smartphone
This research started when we discovered an infected Pokémon GO guide in Google Play. It was there for several weeks and was downloaded more than 500,000 times. We detected the malware as Trojan.AndroidOS.Ztorg.ad. After some searching, I found some other similar infected apps that were being distributed from the Google Play Store. The first of […] more…PUA Operation Spreads Thousands of Explicit Apps in the Wild and on Legitimate App Stores
One of the most popular ways to make money online is through pornography—whether through legitimate distribution or different online scams. Last year we detected a new variant of the Marcher Trojan targeting users through porn sites, and the year before that popular porn apps were used as lures to compromise millions of mobile users in […] more…Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go)
Additional analysis/insights by Alfredo Oliveira A little over a year after its first variants were found in the wild, Cerber (Detected by Trend Micro as RANSOM_CERBER family) now has the reputation for being the most prolific family of ransomware in the threat landscape. Since it first emerged in Russian underground marketplaces in March, 2016, Cerber has […] more…Spam and phishing in Q1 2017
Spam: quarterly highlights Spam from the Necurs botnet We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost ceased […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…IT threat evolution Q3 2016. Statistics
Download the full report (PDF) Statistics All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide […] more…The Hunt for Lurk
In early June, 2016, the Russian police arrested the alleged members of the criminal group known as Lurk. The police suspected Lurk of stealing nearly three billion rubles, using malicious software to systematically withdraw large sums of money from the accounts of commercial organizations, including banks. For Kaspersky Lab, these arrests marked the culmination of […] more…KSN Report: Mobile ransomware in 2014-2016
Part 1. KSN Report: PC ransomware in 2014-2016 Download PDF version Statistics The activity of mobile ransomware, although not as widely covered in the media as PC ransomware, also skyrocketed over the period covered by this report. Especially in the second half. Fig. 12: The number of users encountering mobile ransomware at least once in […] more…More information
- Fighting Automation with Automation
- Robocalling Firm Exposes U.S. Voter Records
- S3 Ep15: Titan keys, Mimecast certs and Solarwinds [Podcast]
- US court says warrant for access to all content of email account is justified
- Bill Gates, Stephen Hawking say artificial intelligence represents real threat
- SSCC 206 – Who gave you permission to use my Wi-Fi? [PODCAST]
- Printers pulled into 9100 port attack spew PewDiePie propaganda
- Risky Business: Understand Your Assets and Align Security With the Business
- Signed PoS Malware Used In Pre-Holiday Attacks, Linked to Targeted Attacks
- RiskSense lands $7M for assessment service