2012 Web Malware Trends Report Summary
Sucuri is a website security company focused on the detection and remediation of web malware. In 2012, via our SiteCheck scanner, we scanned 9,953,729 unique domains. This small report is based on the data we were able to compile from that platform and our analysis of that same data. The Foundation Healthy Website View We […] more…The Trends in Targeted Attacks of 2012
Throughout 2012, we investigated a variety of targeted attacks including several APT campaigns such as LuckyCat and Ixeshe, as well as updates on some long running campaigns such as Lurid/Enfal and Taidoor. There was a lot of great research within the community related to targeted attacks published this year, and I’ve clustered the research I found to […] more…
Commoditization vs. Specialization
Another rebuttal to Mikko’s Flame related opinion column in Wired magazine, this time from Bruce Schneier. Schneier’s summary of Mikko’s argument: “His conclusion is simply that the attackers — in this case military intelligence agencies — are simply better than commercial-grade anti-virus programs.” But Schneier doesn’t buy it: A couple of points. First, regarding military […] more…COM Objects Hijacking
The COM Hijacking technique is often utilized by threat actors and various malware families to achieve both persistence and privilege escalation in target systems. It relies on manipulating Component Object Model (COM), exploiting the core architecture of Windows that enables communication between software components, by adding a new value on a specific registry key related […] more…Inside of the WASP’s nest: deep dive into PyPI-hosted malware
Photo by Matheus Queiroz on Unsplash In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […] more…DDoS attacks in Q2 2021
News overview In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord […] more…5G technology predictions 2020
Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions Corporate security prediction 2020 Cyberthreats to financial institutions 2020: Overview and predictions It is estimated that data will reach 175 zettabytes worldwide by 2025, up from 1.2 zettabytes in 2010, when 4G was first being deployed globally. 5G […] more…The cybercrime ecosystem: attacking blogs
Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat landscape to provide a more realistic understanding of why this […] more…Clop Ransomware
This new ransomware was discovered by Michael Gillespie on 8 February 2019 and it is still improving over time. This blog will explain the technical details and share information about how this new ransomware family is working. There are some variants of the Clop ransomware but in this report, we will focus on the main […] more…Operation ShadowHammer: a high-profile supply chain attack
In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility, which was featured in a Kim Zetter article on Motherboard. The topic was also one of the research announcements made at the SAS conference, which took place in Singapore on April 9-10, 2019. […] more…Kaspersky Security Bulletin 2018. Top security stories
Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of […] more…Operators of Counter Antivirus Service Scan4You Sentenced
In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects, Ruslans Bondars and Jurijs Martisevs, were arrested in Latvia and extradited to the U.S. by the Federal Bureau of Investigation (FBI). In May 2018, the case against the Scan4You’s operators concluded in a Virginia federal courtroom. The […] more…Operators of Counter Antivirus Service Scan4You Convicted
In May 2017, one of the biggest facilitators of cybercrime, Scan4You, went offline after the two main suspects, Ruslans Bondars and Jurijs Martisevs, were arrested in Latvia and extradited to the U.S. by the Federal Bureau of Investigation (FBI). In May 2018, the case against the Scan4You’s operators concluded in a Virginia federal courtroom. The […] more…Energetic Bear/Crouching Yeti: attacks on servers
Energetic Bear/Crouching Yeti is a widely known APT group active since at least 2010. The group tends to attack different companies with a strong focus on the energy and industrial sectors. Companies attacked by Energetic Bear/Crouching Yeti are geographically distributed worldwide with a more obvious concentration in Europe and the US. In 2016-2017, the number […] more…A Brief History of Cloud Computing and Security
According to recent research1, 50% of organizations use more than one public cloud infrastructure vendor, choosing between Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform and a series of others. 85% of those using more than one cloud infrastructure provider are managing up to four1, seeking the best fit for their applications and hedging […] more…World Wide Web – The journey from 1990
This year on my birthday, family and friends sent me gifts and flowers bought from online stores. Even my cake was ordered online! I wondered, “How would things have been without the World Wide Web?” August 1, 2017 was the 26th birthday of the World Wide Web and this is the right opportunity to thank […] more…More information
- Facebook gave certain companies special access to customer data
- Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards
- Police-taunting Facebook selfie poster jailed
- China-linked Hackers Targeting Air-Gapped Systems: Report
- SanDisk breaks the £1/GB flash storage barrier with InfiniFlash
- Attention Gmail Users: App Developers Can Potentially Read Your Private Emails
- New Backdoors Used by Hamas-Linked Hackers Abuse Facebook, Dropbox
- South Korea claims North hacked government officials’ smartphones
- Developer goes rogue, shoots four colleagues at ERP code maker
- Why Incident Response Must Adopt a Kill Chain Perspective