Windows Malware – Page 4 – WindowsTechs.com

Head Mare: adventures of a unicorn in Russia and Belarus

Posted on September 2, 2024 by Kaspersky

Analysis of the hacktivist group Head Mare targeting companies in Russia and Belarus: exploitation of WinRAR vulnerability, custom tools PhantomDL and PhantomCore. Continue reading Head Mare: adventures of a unicorn in Russia and Belarus→

Tusk: unraveling a complex infostealer campaign

Posted on August 15, 2024 by Elsayed Elrefaei, AbdulRhman Alfaifi

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. Continue reading Tusk: unraveling a complex infostealer campaign→

How “professional” ransomware variants boost cybercrime groups

Posted on August 1, 2024 by GReAT

Kaspersky researchers investigated three ransomware groups that tapped newly built malware samples based on Babuk, Lockbit, Chaos and others, while lacking professional resources. Continue reading How “professional” ransomware variants boost cybercrime groups→

CloudSorcerer – A new APT targeting Russian government entities

Posted on July 8, 2024 by Sergey Lozhkin

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. Continue reading CloudSorcerer – A new APT targeting Russian government entities→

Cybersecurity in the SMB space — a growing threat

Posted on June 25, 2024 by Kaspersky

Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam. Continue reading Cybersecurity in the SMB space — a growing threat→

IT threat evolution in Q1 2024. Non-mobile statistics

Posted on June 3, 2024 by AMR

In this report, Kaspersky shares non-mobile malware statistics for Q1 2024, including ransomware, miner and macOS malware statistics. Continue reading IT threat evolution in Q1 2024. Non-mobile statistics→

ShrinkLocker: Turning BitLocker into ransomware

Posted on May 23, 2024 by Cristian Souza, Eduardo Ovalle, Ashley Muñoz, Christopher Zachor

The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom. Continue reading ShrinkLocker: Turning BitLocker into ransomware→

Stealers, stealers and more stealers

Posted on May 22, 2024 by GReAT

In this report, we discuss two new stealers: Acrid and ScarletStealer, and an evolution of the known Sys01 stealer, with the latter two dividing stealer functionality across several modules. Continue reading Stealers, stealers and more stealers→

State of ransomware in 2024

Posted on May 8, 2024 by Kaspersky

As Anti-Ransomware Day approaches, Kaspersky shares insights into the ransomware threat landscape and trends in 2023, and recent anti-ransomware activities by governments and law enforcement. Continue reading State of ransomware in 2024→

Financial cyberthreats in 2023

Posted on May 6, 2024 by Kaspersky

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware. Continue reading Financial cyberthreats in 2023→