Collaborate Disseminate
While the CrowdStrike incident is still fresh in our minds, Kaspersky experts look back on similar IT outages that happened in 2024 and predict potential threats for 2025. Continue reading Story of the Year: global IT outages and supply chain attacks
Kaspersky’s Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025. Continue reading Advanced threat predictions for 2025
Kaspersky’s Global Research and Analysis Team monitors over 900 APT (Advanced Persistent Threat) groups and operations. In this piece of KSB series, we review the advanced threat trends from the past year and offer insights into what we can expect in 2025. Continue reading Advanced threat predictions for 2025
Checkmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery… Continue reading New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys
JFrog’s cybersecurity researchers have identified a new PyPI attack technique called “Revival Hijack,” which exploits package deletion policies. Over 22,000 packages are at risk, potentially impacting thousands of users. Stay informed! Continue reading New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers
In this article we analyze social engineering aspects of the XZ backdoor incident. Namely pressuring the XZ maintainer to pass on the project to Jia Cheong Tan, and then urging major downstream maintainers to commit the backdoored code to their projects. Continue reading Assessing the Y, and How, of the XZ Utils incident
Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. Continue reading XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor
Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China. Continue reading IT threat evolution Q3 2023
Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024. Continue reading Advanced threat predictions for 2024
Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years. Continue reading Free Download Manager backdoored – a possible supply chain attack on Linux machines