Internal threats – WindowsTechs.com

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

Posted on October 29, 2024 by Victor Sergeev, Amged Wageh, Ahmed Khlief

Kaspersky experts analyze cyberdefense weak points, including patch management, policy violations and MSSP issues, and real-world cases where compromise assessment helped detect and mitigate incidents. Continue reading Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses→

A deep dive into the most interesting incident response cases of last year

Posted on September 3, 2024 by Eduardo Ovalle, Ahmad Zaidi Said, AbdulRhman Alfaifi

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year→

Incident response analyst report 2023

Posted on May 14, 2024 by Kaspersky GERT, Kaspersky Security Services

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations. Continue reading Incident response analyst report 2023→

Managed Detection and Response in 2023

Posted on April 30, 2024 by Kaspersky Security Services

The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their distribution among MDR customers. Continue reading Managed Detection and Response in 2023→

Network tunneling with… QEMU?

Posted on March 5, 2024 by Grigory Sablin, Alexander Rodchenko, Kirill Magaskin

While investigating an incident, we detected uncommon malicious activity inside one of the systems. We ran an analysis on the artifacts, only to find that the adversary had deployed and launched the QEMU hardware emulator. Continue reading Network tunneling with… QEMU?→

What to do if your company was mentioned on Darknet?

Posted on December 12, 2023 by Kaspersky Security Services

We created a list of companies worldwide from different industries and searched through Darknet trying to find out how likely these companies have suffered a breach, what kind of data leaked, and what to do with it. Continue reading What to do if your company was mentioned on Darknet?→

ChatGPT at work: how chatbots help employees, but threaten business

Posted on October 13, 2023 by Vladislav Tushkanov, Anna Larkina

We look at how user data privacy is handled by large language model-based chatbots: ChatGPT, Microsoft Bing, Google Bard, Anthropic Claude, You.com, and Bing. Continue reading ChatGPT at work: how chatbots help employees, but threaten business→

The nature of cyberincidents in 2022

Posted on May 16, 2023 by Kaspersky GERT, Kaspersky Security Services

Kaspersky Incident Response report for 2022: incident response statistics, key trends and conclusions, expert recommendations. Continue reading The nature of cyberincidents in 2022→

Managed Detection and Response in 2022

Posted on May 2, 2023 by Kaspersky Security Services

Managed Detection and Response in 2022: number and severity of incidents, detection rate, breakdown by country and industry, data on cyberattacks in different regions. Continue reading Managed Detection and Response in 2022→

IT threat evolution in Q2 2022. Non-mobile statistics

Posted on August 15, 2022 by AMR

Our non-mobile malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. Continue reading IT threat evolution in Q2 2022. Non-mobile statistics→