Former Uber CSO convicted for concealing data breach, theft from the authorities

Joe Sullivan, the former Chief Security Officer (CSO) of Uber, has been convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of the hack Uber suffered in 2016. The co…

To encrypt or to destroy? Ransomware affiliates plan to try the latter

Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data Researchers from Symantec, Cyderes and Stairwell have recently analyzed a new version of the Exmatter data exfiltra…

External attack surface and ongoing cybercriminal activity in APAC region

We analyze external threats for organizations in the APAC region based on the data collected by the Kaspersky Digital Footprint Intelligence service.

Two more malicious Python packages in the PyPI

We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI. They were masquerading as one of the most popular open-source packages named “requests”.

Threat in your browser: what dangers innocent-looking extensions hold for users

In this research, we observed various types of threats that mimic useful web browser extensions, and the number of users attacked by them.

Targeted attack on industrial enterprises and public institutions

Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428.

Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make users’ lives easier, but may also allow hackers to establish a covert data exfil…

LofyLife: malicious npm packages steal Discord tokens and bank card data

This week, we identified four suspicious packages in the Node Package Manager (npm) repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign “LofyLife”.

Which stolen data are ransomware gangs most likely to disclose?

If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more likely to end up being disclosed as you debate internally on whether you should…