APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2023

APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2023

Tomiris called, they want their Turla malware back

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. Continue reading Tomiris called, they want their Turla malware back

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020. Continue reading Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

Bad magic: new APT found in the area of Russo-Ukrainian conflict

In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions. Continue reading Bad magic: new APT found in the area of Russo-Ukrainian conflict

What your SOC will be facing in 2023

Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023? Continue reading What your SOC will be facing in 2023