Targeted Attacks – WindowsTechs.com

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

Posted on April 18, 2024 by GReAT

New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go. Continue reading DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware→

Using the LockBit builder to generate targeted ransomware

Posted on April 15, 2024 by Eduardo Ovalle, Francesco Figurelli, Cristian Souza, Ashley Muñoz

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder. Continue reading Using the LockBit builder to generate targeted ransomware→

ICS and OT threat predictions for 2024

Posted on January 31, 2024 by Evgeny Goncharov

Kaspersky experts make their predictions about ICS and OT threats: specifically, ransomware and hacktivist attacks, threats to logistics and transportation, etc. Continue reading ICS and OT threat predictions for 2024→

A lightweight method to detect potential iOS malware

Posted on January 16, 2024 by Maher Yamout

Analyzing Shutdown.log file as a lightweight method to detect indicators of infection with sophisticated iOS malware such as Pegasus, Reign and Predator. Continue reading A lightweight method to detect potential iOS malware→

Operation Triangulation: The last (hardware) mystery

Posted on December 27, 2023 by Boris Larin

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs. Continue reading Operation Triangulation: The last (hardware) mystery→

IT threat evolution Q3 2023

Posted on December 1, 2023 by David Emm

Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China. Continue reading IT threat evolution Q3 2023→

HrServ – Previously unknown web shell used in APT attack

Posted on November 22, 2023 by Mert Degirmenci

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021. Continue reading HrServ – Previously unknown web shell used in APT attack→

Advanced threat predictions for 2024

Posted on November 14, 2023 by GReAT

Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024. Continue reading Advanced threat predictions for 2024→

Ducktail fashion week

Posted on November 10, 2023 by AMR

The Ducktail malware, designed to hijack Facebook business and ads accounts, sends marketing professionals fake ads for jobs with major clothing manufacturers. Continue reading Ducktail fashion week→

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Posted on November 9, 2023 by

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups. Continue reading Modern Asian APT groups’ tactics, techniques and procedures (TTPs)→