financial threats – Page 7 – WindowsTechs.com

Incident response analyst report 2020

Posted on September 13, 2021 by Kaspersky Security Services, Kaspersky GERT

We deliver a range of services: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices with organizations seeking assistance with full-blown incident response or complementary expert activities for their internal incident response teams. Continue reading Incident response analyst report 2020→

IT threat evolution Q2 2021

Posted on August 12, 2021 by David Emm

Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans – check out our review of Q2 2021. Continue reading IT threat evolution Q2 2021→

IT threat evolution in Q2 2021. Mobile statistics

Posted on August 12, 2021 by Victor Chebyshev

In Q2 2021, we prevented 14,465,672 mobile malware, adware and riskware attacks; 886,105 malicious installation packages were detected, of which 24,604 packages were mobile banking Trojans and 3,623 packages were mobile ransomware Trojans. Continue reading IT threat evolution in Q2 2021. Mobile statistics→

IT threat evolution in Q2 2021. PC statistics

Posted on August 12, 2021 by AMR

PC threat statistics for Q2 2021 contain data on miners, encrypting ransomware, financial malware and threats to Windows, macOS and IoT. Continue reading IT threat evolution in Q2 2021. PC statistics→

Arrests of members of Tetrade seed groups Grandoreiro and Melcoz

Posted on July 14, 2021 by GReAT

Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe. Continue reading Arrests of members of Tetrade seed groups Grandoreiro and Melcoz→

REvil ransomware attack against MSPs and its clients around the world

Posted on July 5, 2021 by Kaspersky

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers. Continue reading REvil ransomware attack against MSPs and its clients around the world→

Malicious spam campaigns delivering banking Trojans

Posted on June 24, 2021 by Anton Kuzmenko

In mid-March 2021, we observed two new spam campaigns delivering banking Trojans. The payload in most cases was IcedID, but we have also seen a few QBot (aka QakBot) samples. Continue reading Malicious spam campaigns delivering banking Trojans→

Black Kingdom ransomware

Posted on June 17, 2021 by Marc Rivero

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). Continue reading Black Kingdom ransomware→

Andariel evolves to target South Korea with ransomware

Posted on June 15, 2021 by Seongsu Park

In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. After a deep analysis, we came to a conclusion: the Andariel group was behind these attacks. Continue reading Andariel evolves to target South Korea with ransomware→

Gootkit: the cautious Trojan

Posted on June 7, 2021 by Anton Kuzmenko

Gootkit is complex multi-stage banking malware capable of stealing data from the browser, performing man-in-the-browser attacks, keylogging, taking screenshots and lots of other malicious actions. Its loader performs various virtual machine and sandbox checks and uses sophisticated persistence algorithms. Continue reading Gootkit: the cautious Trojan→