Vulnerabilities and exploits – WindowsTechs.com

Threats in space (or rather, on Earth): internet-exposed GNSS receivers

Posted on November 13, 2024 by Isabel Manjarrez

Internet-exposed GNSS receivers pose a significant threat to sensitive operations. Kaspersky shares statistics on internet-exposed receivers for July 2024 and advice on how to protect against GNSS attacks. Continue reading Threats in space (or rather, on Earth): internet-exposed GNSS receivers→

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses

Posted on October 29, 2024 by Victor Sergeev, Amged Wageh, Ahmed Khlief

Kaspersky experts analyze cyberdefense weak points, including patch management, policy violations and MSSP issues, and real-world cases where compromise assessment helped detect and mitigate incidents. Continue reading Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses→

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Posted on October 23, 2024 by Boris Larin, Vasily Berdnikov

Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain. Continue reading The Crypto Game of Lazarus APT: Investors vs. Zero-days→

SAS CTF and the many ways to persist a kernel shellcode on Windows 7

Posted on October 17, 2024 by Igor Kuznetsov, Boris Larin

In this article we solve the most difficult SAS CTF challenge based on the APT technique to introduce and persist a kernel shellcode on Windows 7. Continue reading SAS CTF and the many ways to persist a kernel shellcode on Windows 7→

Whispers from the Dark Web Cave. Cyberthreats in the Middle East

Posted on October 14, 2024 by Vera Kholopova, Kaspersky Security Services

The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on. Continue reading Whispers from the Dark Web Cave. Cyberthreats in the Middle East→

A deep dive into the most interesting incident response cases of last year

Posted on September 3, 2024 by Eduardo Ovalle, Ahmad Zaidi Said, AbdulRhman Alfaifi

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year→

Memory corruption vulnerabilities in Suricata and FreeRDP

Posted on August 22, 2024 by Dmitry Shmoylov, Evgeny Legerov, Denis Skvortsov

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities with the community along with our fuzzer. Continue reading Memory corruption vulnerabilities in Suricata and FreeRDP→

Exploits and vulnerabilities in Q2 2024

Posted on August 21, 2024 by Vitaly Morgunov, Alexander Kolesnikov

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024. Continue reading Exploits and vulnerabilities in Q2 2024→

Indirect prompt injection in the real world: how people manipulate neural networks

Posted on August 12, 2024 by Vladislav Tushkanov

We studied data from the internet and Kaspersky internal sources to find out how and why people use indirect prompt injection. Continue reading Indirect prompt injection in the real world: how people manipulate neural networks→

Cinterion EHS5 3G UMTS/HSPA Module Research

Posted on June 13, 2024 by Kaspersky ICS CERT

We performed the security analysis of a Telit Cinterion modem in course of a bigger project of security assessment of a popular model of a truck and found eight vulnerabilities. Continue reading Cinterion EHS5 3G UMTS/HSPA Module Research→