PuzzleMaker attacks with Chrome zero-day exploit chain

We detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.

IT threat evolution Q1 2021

SolarWinds attacks, MS Exchange vulnerabilities, fake adblocker distributing miner, malware for Apple Silicon platform and other threats in Q1 2021.

IT threat evolution Q1 2021. Non-mobile statistics

In Q1 2021, we blocked more than 2 billion attacks launched from online resources across the globe, detected 77.4M unique malicious and potentially unwanted objects, and recognized 614M unique URLs as malicious.

Kaspersky Security Bulletin 2020-2021. EU statistics

In the EU, 70% of user computers experienced at least one Malware-class attack; 115,452,157 web attacks and 86,584,675 phishing attempts were blocked.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild

CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). We believe it is exploited in the wild, potentially by several threat actors.

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

A41APT is a long-running campaign with activities detected from March 2019 to the end of December 2020. Most of the discovered malware families are fileless malware and they have not been seen before.

Zero-day vulnerabilities in Microsoft Exchange Server

The four vulnerabilities inside Microsoft Exchange Server allow an attacker to compromise a vulnerable server. As a result, an attacker will gain access to all registered email accounts, or be able to execute arbitrary code (remote code execution or RCE) within the Exchange Server context.

Kaspersky Security Bulletin 2020. Statistics

Kaspersky solutions blocked 666,809,967 attacks launched from online resources in various countries across the world; 173,335,902 unique URLs were recognized as malicious by Web Anti-Virus.