APT – WindowsTechs.com

BellaCPP: Discovering a new BellaCiao variant written in C++

Posted on December 20, 2024 by Mert Degirmenci

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. Continue reading BellaCPP: Discovering a new BellaCiao variant written in C++→

Lazarus group evolves its infection chain with old and new malware

Posted on December 19, 2024 by Vasily Berdnikov, Sojun Ryu

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. Continue reading Lazarus group evolves its infection chain with old and new malware→

Careto is back: what’s new after 10 years of silence?

Posted on December 12, 2024 by Georgy Kucherin, Marc Rivero

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence. Continue reading Careto is back: what’s new after 10 years of silence?→

Exploits and vulnerabilities in Q3 2024

Posted on December 6, 2024 by Alexander Kolesnikov

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q3 2024, such as regreSSHion Continue reading Exploits and vulnerabilities in Q3 2024→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

APT trends report Q3 2024

Posted on November 28, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns. Continue reading APT trends report Q3 2024→

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Posted on November 26, 2024 by Zeljka Zorz

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chai… Continue reading RomCom hackers chained Firefox and Windows zero-days to deliver backdoor→

Faraway Russian hackers breached US organization via Wi-Fi

Posted on November 25, 2024 by Zeljka Zorz

Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s e… Continue reading Faraway Russian hackers breached US organization via Wi-Fi→

Advanced threat predictions for 2025

Posted on November 25, 2024 by

Kaspersky’s Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025. Continue reading Advanced threat predictions for 2025→