Vulnerabilities and exploits – Page 10

MysterySnail attacks with Windows zero-day

Posted on October 12, 2021 by Boris Larin, Costin Raiu

We detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. Variants of the malware payload used along with the zero-day exploit were detected in widespread espionage campaigns. We are calling this cluster of activity MysterySnail. Continue reading MysterySnail attacks with Windows zero-day→

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Posted on September 16, 2021 by AMR

Last week, Microsoft reported the RCE vulnerability CVE-2021-40444 in the MSHTML browser engine. Kaspersky is aware of targeted attacks using this vulnerability, and our products protect against attacks leveraging it. Continue reading Exploitation of the CVE-2021-40444 vulnerability in MSHTML→

Incident response analyst report 2020

Posted on September 13, 2021 by Kaspersky Security Services, Kaspersky GERT

We deliver a range of services: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices with organizations seeking assistance with full-blown incident response or complementary expert activities for their internal incident response teams. Continue reading Incident response analyst report 2020→

IT threat evolution Q2 2021

Posted on August 12, 2021 by David Emm

Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans – check out our review of Q2 2021. Continue reading IT threat evolution Q2 2021→

IT threat evolution in Q2 2021. PC statistics

Posted on August 12, 2021 by AMR

PC threat statistics for Q2 2021 contain data on miners, encrypting ransomware, financial malware and threats to Windows, macOS and IoT. Continue reading IT threat evolution in Q2 2021. PC statistics→

APT trends report Q2 2021

Posted on July 29, 2021 by GReAT

This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc. Continue reading APT trends report Q2 2021→

Managed Detection and Response in Q4 2020

Posted on July 21, 2021 by Kaspersky Security Services

During the reported period, our MDR processed approximately 65 000 alerts, followed by an investigation that resulted in 1 506 incidents reported to customers, approximately 93% of which were mapped to the MITRE ATT&CK framework. Continue reading Managed Detection and Response in Q4 2020→

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)

Posted on July 8, 2021 by Kaspersky

Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities. Continue reading Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)→

How to confuse antimalware neural networks. Adversarial attacks and protection

Posted on June 23, 2021 by Kaspersky

Сybersecurity companies implement a variety of methods to discover previously unknown malware files. Machine learning (ML) is a powerful and widely used approach for this task. But can we rely entirely on machine learning approaches in the battle with the bad guys? Or could powerful AI itself be vulnerable? Continue reading How to confuse antimalware neural networks. Adversarial attacks and protection→

Black Kingdom ransomware

Posted on June 17, 2021 by Marc Rivero

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). Continue reading Black Kingdom ransomware→