Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections. Continue reading Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections. Continue reading Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

Kaspersky experts analyze cyberdefense weak points, including patch management, policy violations and MSSP issues, and real-world cases where compromise assessment helped detect and mitigate incidents. Continue reading Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

Whispers from the Dark Web Cave. Cyberthreats in the Middle East

The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on. Continue reading Whispers from the Dark Web Cave. Cyberthreats in the Middle East

A deep dive into the most interesting incident response cases of last year

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year

Tusk: unraveling a complex infostealer campaign

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. Continue reading Tusk: unraveling a complex infostealer campaign

Trusted relationship attacks: trust, but verify

We analyze the tactics and techniques of attackers targeting organizations through trusted relationships – that is, through contractors and external IT service providers. Continue reading Trusted relationship attacks: trust, but verify

ShrinkLocker: Turning BitLocker into ransomware

The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. Continue reading ShrinkLocker: Turning BitLocker into ransomware