GravityRAT: The spy returns

In 2019, on VirusTotal, we encountered a curious piece of Android spyware which, when analyzed, seemed connected to GravityRAT. The cybercriminals had added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on GitHub.

Threat landscape for industrial automation systems. H1 2020 highlights

Beginning in H2 2019 we have observed a tendency for decreases in the percentages of attacked computers, both in the ICS and in the corporate and personal environments. The internet, removable media and email continue to be the main sources of threats in the ICS environment.

An overview of targeted attacks and APTs on Linux

Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux…

IT threat evolution Q2 2020. PC statistics

During the second quarter, Kaspersky solutions blocked 899,744,810 attacks launched from online resources across the globe; as many as 286,229,445 unique URLs triggered Web Anti-Virus components.

Operation PowerFall: CVE-2020-0986 and variants

While we already described the exploit for Internet Explorer in the original blog post about Operation PowerFall, we also promised to share more details about the elevation of privilege exploit. Let’s take a look at vulnerability CVE-2020-0986.

Internet Explorer and Windows zero-day exploits used in Operation PowerFall

Kaspersky prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits.

Incident Response Analyst Report 2019

As an incident response service provider, Kaspersky delivers a global service that results in global visibility of adversaries’ cyber-incident tactics and techniques in the wild. In this report, we share our teams’ conclusions and analysis based on incident responses and statistics from 2019.

The zero-day exploits of Operation WizardOpium

Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In this blog post we’d like to take a deep technical dive into the attack.

IT threat evolution Q1 2020. Statistics

Kaspersky solutions blocked 726,536,269 attacks launched from online resources across the globe; a total of 442,039,230 unique URLs were recognized as malicious.