EAGERBEE, with updated and novel components, targets the Middle East

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor. Continue reading EAGERBEE, with updated and novel components, targets the Middle East

Lazarus group evolves its infection chain with old and new malware

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. Continue reading Lazarus group evolves its infection chain with old and new malware

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns. Continue reading APT trends report Q3 2024

Beyond the Surface: the evolution and expansion of the SideWinder APT group

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques. Continue reading Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries. Continue reading BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

CloudSorcerer – A new APT targeting Russian government entities

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. Continue reading CloudSorcerer – A new APT targeting Russian government entities