Vulnerabilities and exploits – Page 15

RevengeHotels: cybercrime targeting hotel front desks worldwide

Posted on November 28, 2019 by GReAT LatAm

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group. Continue reading RevengeHotels: cybercrime targeting hotel front desks worldwide→

The cybercrime ecosystem: attacking blogs

Posted on November 21, 2019 by David Jacoby

It is very common to see cybercriminals exploit vulnerabilities in blogging software such as WordPress and Joomla! for injecting their malicious code. In my research, I decided to investigate this further and see what the current threat landscape looks like by researching the most visited blogs in Sweden. Continue reading The cybercrime ecosystem: attacking blogs→

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020

Posted on November 20, 2019 by GReAT

This is what we think might happen in the coming months, based on the knowledge of experts in this field and our observation of APT attacks – since APT threat actors have historically been the center of innovation. Continue reading Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020→

DarkUniverse – the mysterious APT framework #27

Posted on November 5, 2019 by GReAT

Well-known ‘Lost in Translation’ leak, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. Continue reading DarkUniverse – the mysterious APT framework #27→

Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium

Posted on November 1, 2019 by AMR

Recently, we caught a new unknown exploit for Chrome browser. We promptly reported this to the Google. After reviewing of the PoC we provided, the company confirmed there was a zero-day vulnerability and assigned it CVE-2019-13720. Continue reading Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium→

APT trends report Q3 2019

Posted on October 16, 2019 by GReAT

The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q3 2019. Continue reading APT trends report Q3 2019→

IoT: a malware story

Posted on October 15, 2019 by Dan Demeter

Since 2008, cyber-criminals have been creating malware to attack IoT-devices. How do we deal with that? The best option for tracking attacks, catching malware and getting an overview of attacks in this area is to use honeypots. Continue reading IoT: a malware story→

Incident Response report 2018

Posted on August 29, 2019 by Petr Mareichev

This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer conversations and incident response deliverables to provide you an overview in numbers. Continue reading Incident Response report 2018→

IT threat evolution Q2 2019

Posted on August 19, 2019 by David Emm

Targeted attacks, malware campaigns and other security news in Q2 2019. Continue reading IT threat evolution Q2 2019→

IT threat evolution Q2 2019. Statistics

Posted on August 19, 2019 by Victor Chebyshev

Kaspersky solutions blocked 717,057,912 attacks launched from online resources in 203 countries across the globe, 217,843,293 unique URLs triggered Web Anti-Virus components. Continue reading IT threat evolution Q2 2019. Statistics→