Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)

Windows CLFS and five exploits used by ransomware operators

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities. Continue reading Windows CLFS and five exploits used by ransomware operators

Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

FakeSG campaign, Akira ransomware and AMOS macOS stealer

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer

Story of the year: the impact of AI on cybersecurity

Generative AI has become the trendiest technology of 2023. Kaspersky reviews AI-related security concerns, and implementations of this technology in cyberdefense and red teaming, and provides predictions for 2024. Continue reading Story of the year: the impact of AI on cybersecurity