Securelist – WindowsTechs.com

Twenty-three SUNBURST Targets Identified

Posted on January 25, 2021 by Erik Hjelmvik

Remember when Igor Kuznetsov and Costin Raiu announced that two of the victims in FireEye’s SUNBURST IOC list were ***net.***.com and central.***.gov on Kaspersky’s Securelist blog in December? Reuters later reported that these victims were Cox Communi… Continue reading Twenty-three SUNBURST Targets Identified→

USB restricted mode, plus Calisto Trojan

Posted on July 22, 2018 by David Harley

USB restricted mode tightens a notch. Plus, the Calisto macOS Trojan.
The post USB restricted mode, plus Calisto Trojan appeared first on Security Boulevard.
Continue reading USB restricted mode, plus Calisto Trojan→

BadRabbit Ransomware Attacks Hitting Russia, Ukraine

Posted on October 24, 2017 by Michael Mimoso

A ransomware attack called BadRabbit has put a halt to business inside a handful of Russian and Ukrainian businesses. Continue reading BadRabbit Ransomware Attacks Hitting Russia, Ukraine→

Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies

Posted on August 30, 2017 by Michael Mimoso

The Turla APT’s WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016. Continue reading Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies→

Modified Versions of Nukebot in Wild Since Source Code Leak

Posted on July 19, 2017 by Michael Mimoso

Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France. Continue reading Modified Versions of Nukebot in Wild Since Source Code Leak→

Tools Used by Lamberts APT Found in Vault 7 Dumps

Posted on April 11, 2017 by Michael Mimoso

Researchers at Kaspersky Lab today disclosed the activities of the Lamberts APT, a group using many of the tools and tactics found in the Vault 7 dumps. Continue reading Tools Used by Lamberts APT Found in Vault 7 Dumps→

FruityArmor APT Group Used Recently Patched Windows Zero Day

Posted on October 20, 2016 by Chris Brook

The FruityArmor APT group was using one of the Windows zero days patched by Microsoft last week to escape sandboxes and carry out targeted attacks. Continue reading FruityArmor APT Group Used Recently Patched Windows Zero Day→

StrongPity APT Covets Secrets of Crypto Users

Posted on October 10, 2016 by Michael Mimoso

Kaspersky Lab researchers have uncovered the StrongPity APT, a group that uses watering hole attacks to infect machines of users seeking encryption technologies such as WinRAR and TrueCrypt. Continue reading StrongPity APT Covets Secrets of Crypto Users→

ShadowBrokers’ Leak Has ‘Strong Connection’ to Equation Group

Posted on August 17, 2016 by Michael Mimoso

Researchers at Kaspersky Lab said there is a strong connection between the ShadowBrokers cache of exploits and those belonging to the Equation Group. Continue reading ShadowBrokers’ Leak Has ‘Strong Connection’ to Equation Group→

APT Groups Finding Success with Patched Microsoft Flaw

Posted on May 25, 2016 by Michael Mimoso

Researchers at Kaspersky Lab have identified six APT groups using exploits for a Microsoft Office flaw that was patched in September 2015. Continue reading APT Groups Finding Success with Patched Microsoft Flaw→