backdoor – Page 2 – WindowsTechs.com

A deep dive into the most interesting incident response cases of last year

Posted on September 3, 2024 by Eduardo Ovalle, Ahmad Zaidi Said, AbdulRhman Alfaifi

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year→

Head Mare: adventures of a unicorn in Russia and Belarus

Posted on September 2, 2024 by Kaspersky

Analysis of the hacktivist group Head Mare targeting companies in Russia and Belarus: exploitation of WinRAR vulnerability, custom tools PhantomDL and PhantomCore. Continue reading Head Mare: adventures of a unicorn in Russia and Belarus→

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

Posted on August 27, 2024 by Sergey Puzan

Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers. Continue reading HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat→

From Offices to Hotels: Backdoor in Contactless Key Cards Enables Mass Cloning

Posted on August 21, 2024 by Waqas

Millions of office and hotel contactless access cards using Fudan Microelectronics chips are vulnerable to a hardware backdoor… Continue reading From Offices to Hotels: Backdoor in Contactless Key Cards Enables Mass Cloning→

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Posted on August 20, 2024 by Ryan Naraine

Backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.
The post Major Backdoor in Millions of RFID Cards Allows Inst… Continue reading Major Backdoor in Millions of RFID Cards Allows Instant Cloning→

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Posted on August 14, 2024 by GReAT

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia→

APT trends report Q2 2024

Posted on August 13, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity. Continue reading APT trends report Q2 2024→

FIN7 sells improved EDR killer tool

Posted on July 18, 2024 by Zeljka Zorz

The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, dubbed AvNeutralizer (i.e., AuKill) by researchers. By leveraging Windows&#821… Continue reading FIN7 sells improved EDR killer tool→

Iran’s MuddyWater APT targets Saudis and Israelis with BugSleep Backdoor

Posted on July 16, 2024 by Deeba Ahmed

New Backdoor ‘BugSleep’ Discovered in MuddyWater Phishing Attacks. Cybersecurity researchers uncover a custom-made backdoor used by the notorious… Continue reading Iran’s MuddyWater APT targets Saudis and Israelis with BugSleep Backdoor→

CloudSorcerer – A new APT targeting Russian government entities

Posted on July 8, 2024 by Sergey Lozhkin

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. Continue reading CloudSorcerer – A new APT targeting Russian government entities→