GReAT – Page 6 – WindowsTechs.com

New ransomware trends in 2022

Posted on May 11, 2022 by GReAT

This year, ransomware is no less active than before: cybercriminals continue to threaten nationwide retailers and enterprises, old variants of malware return while the new ones develop. Continue reading New ransomware trends in 2022→

APT trends report Q1 2022

Posted on April 27, 2022 by GReAT

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022. Continue reading APT trends report Q1 2022→

A Bad Luck BlackCat

Posted on April 7, 2022 by GReAT

A new ransomware actor started advertising its services on a Russian underground forum. They presented themselves as ALPHV, but the group is also known as BlackCat. Two recent BlackCat incidents stand out as particularly interesting. Continue reading A Bad Luck BlackCat→

Lazarus Trojanized DeFi app for delivering malware

Posted on March 31, 2022 by GReAT

We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor. Continue reading Lazarus Trojanized DeFi app for delivering malware→

Webinar on cyberattacks in Ukraine – summary and Q&A

Posted on March 14, 2022 by GReAT

Last week, Kaspersky’s GReAT shared their insights into the current (and past) cyberattacks in Ukraine. In this post we address the questions that we did not have the time to answer and provide IoCs. Continue reading Webinar on cyberattacks in Ukraine – summary and Q&A→

Elections GoRansom – a smoke screen for the HermeticWiper attack

Posted on March 1, 2022 by GReAT

We present our analysis of HermeticRansom (aka Elections GoRansom) ransomware that was likely used as a smokescreen for the HermeticWiper attack. Continue reading Elections GoRansom – a smoke screen for the HermeticWiper attack→

APT annual review 2021

Posted on November 30, 2021 by GReAT

For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. Continue reading APT annual review 2021→

ScarCruft surveilling North Korean defectors and human rights activists

Posted on November 29, 2021 by GReAT

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group. Continue reading ScarCruft surveilling North Korean defectors and human rights activists→

Advanced threat predictions for 2022

Posted on November 17, 2021 by GReAT

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Continue reading Advanced threat predictions for 2022→

APT trends report Q3 2021

Posted on October 26, 2021 by GReAT

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021. Continue reading APT trends report Q3 2021→