APT review of the year

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on. Continue reading APT review of the year

Czech Republic Blames Russia for Yearlong Email Breach

The Czech government’s Security Information Service (BIS) revealed in a report that hackers associated with the Russian government are responsible for an email breach, compromising the email system of the country’s Ministry of Foreign Affa… Continue reading Czech Republic Blames Russia for Yearlong Email Breach

Kaspersky Security Bulletin 2018. Top security stories

All too often, both rely on manipulating human psychology as a way of compromising entire systems or individual computers. Increasingly, the devices targeted also include those that we don’t consider to be computers – from children’s toys to security cameras. Here is our annual round-up of major incidents and key trends from 2018 Continue reading Kaspersky Security Bulletin 2018. Top security stories

APT28 Gets the Spotlight, But Turla Remains Russia’s Elite Hacking Unit

Over the past two years, the Russian cyberespionage group known as APT28, Sofacy or Fancy Bear, has been the focus of many press reports, threat analyses, Western intelligence investigations and, more recently, U.S. prosecution efforts. Yet despite al… Continue reading APT28 Gets the Spotlight, But Turla Remains Russia’s Elite Hacking Unit

Shedding Skin – Turla’s Fresh Faces

Turla, also known as Venomous Bear, Waterbug, and Uroboros, may be best known for what was at the time an “ultra complex” snake rootkit focused on NATO-related targets, but their malware set and activity is much broader. Our current focus is on more recent and upcoming activity from this APT. Continue reading Shedding Skin – Turla’s Fresh Faces

Critical Vulnerability Patched in Apache Struts

The Apache Struts web development framework has received new security updates to address a critical vulnerability that could allow attackers to compromise web applications and servers. Apache Struts is widely used for developing web applications in en… Continue reading Critical Vulnerability Patched in Apache Struts

Decision Analysis Applications in Threat Analysis Frameworks

Cybersecurity is generally considered to be a highly reactive field where professionals struggle to keep up with new and emerging threats. As the profession works to become more human-centered and proactive, I have attempted to design a new modeling pr… Continue reading Decision Analysis Applications in Threat Analysis Frameworks