Windows Malware – Page 2 – WindowsTechs.com

From 12 to 21: how we discovered connections between the Twelve and BlackJack groups

Posted on September 25, 2024 by Kaspersky

An investigation of BlackJack’s software, TTPs, and motivations led Kaspersky experts to identify a possible connection with the Twelve group. Continue reading From 12 to 21: how we discovered connections between the Twelve and BlackJack groups→

-=TWELVE=- is back

Posted on September 20, 2024 by Kaspersky

Analysis of Twelve’s activities using the Unified Kill Chain method: from initial access to deployment of LockBit- and Chaos-based ransomware and wipers. Continue reading -=TWELVE=- is back→

Exotic SambaSpy is now dancing with Italian users

Posted on September 18, 2024 by GReAT

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy Continue reading Exotic SambaSpy is now dancing with Italian users→

Loki: a new private agent for the popular Mythic framework

Posted on September 9, 2024 by Artem Ushkov

Kaspersky experts have discovered a new version of the Loki agent for the open-source Mythic framework, which uses DLLs to attack Russian companies. Continue reading Loki: a new private agent for the popular Mythic framework→

Mallox ransomware: in-depth analysis and evolution

Posted on September 4, 2024 by Fedor Sinitsyn, Yanis Zinchenko

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. Continue reading Mallox ransomware: in-depth analysis and evolution→

A deep dive into the most interesting incident response cases of last year

Posted on September 3, 2024 by Eduardo Ovalle, Ahmad Zaidi Said, AbdulRhman Alfaifi

Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year→

IT threat evolution in Q2 2024. Non-mobile statistics

Posted on September 3, 2024 by AMR

This report presents statistics on PC threats for Q2 2024, including data on ransomware, miners, threats to macOS and IoT devices. Continue reading IT threat evolution in Q2 2024. Non-mobile statistics→

IT threat evolution Q2 2024

Posted on September 3, 2024 by David Emm

In this report, Kaspersky researchers explore the most significant attacks of Q2 2024 that used a XZ backdoor, the LockBit builder, ShrinkLocker ransomware, etc. Continue reading IT threat evolution Q2 2024→

Head Mare: adventures of a unicorn in Russia and Belarus

Posted on September 2, 2024 by Kaspersky

Analysis of the hacktivist group Head Mare targeting companies in Russia and Belarus: exploitation of WinRAR vulnerability, custom tools PhantomDL and PhantomCore. Continue reading Head Mare: adventures of a unicorn in Russia and Belarus→

Tusk: unraveling a complex infostealer campaign

Posted on August 15, 2024 by Elsayed Elrefaei, AbdulRhman Alfaifi

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. Continue reading Tusk: unraveling a complex infostealer campaign→