Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Kaspersky’s GERT experts describe an incident in which initial access to enterprise infrastructures was gained through a FortiClient EMS vulnerability that allowed SQL injection.

Analysis of Elpaco: a Mimic variant

Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI.

A cryptor, a stealer and a banking trojan

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of the Zanubis Android banking trojan.

Detection evasion in CLR and tips on how to detect such attacks

In this article we demonstrate a detection evasion technique using the CLR that may be useful for penetration testing, as well as a couple of tips for SOCs to help detect such attacks.

The MITRE ATT&CK Framework: Defense Evasion

This tactic has the most techniques of any of the tactics discussed in the MITRE ATT&CK Framework so far. What I find interesting about these techniques is that they expose the tradecraft of the various threat actors behind malware attacks. A…