APT (Targeted attacks) – WindowsTechs.com

BellaCPP: Discovering a new BellaCiao variant written in C++

Posted on December 20, 2024 by Mert Degirmenci

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. Continue reading BellaCPP: Discovering a new BellaCiao variant written in C++→

Lazarus group evolves its infection chain with old and new malware

Posted on December 19, 2024 by Vasily Berdnikov, Sojun Ryu

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. Continue reading Lazarus group evolves its infection chain with old and new malware→

Careto is back: what’s new after 10 years of silence?

Posted on December 12, 2024 by Georgy Kucherin, Marc Rivero

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence. Continue reading Careto is back: what’s new after 10 years of silence?→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

APT trends report Q3 2024

Posted on November 28, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns. Continue reading APT trends report Q3 2024→

Advanced threat predictions for 2025

Posted on November 25, 2024 by

Kaspersky’s Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025. Continue reading Advanced threat predictions for 2025→

Advanced threat predictions for 2025

Posted on November 25, 2024 by

QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

Posted on November 8, 2024 by Saurabh Sharma

Kaspersky shares details on QSC modular cyberespionage framework, which appears to be linked to CloudComputating group campaigns. Continue reading QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns→

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Posted on October 23, 2024 by Boris Larin, Vasily Berdnikov

Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain. Continue reading The Crypto Game of Lazarus APT: Investors vs. Zero-days→