Zero-day vulnerabilities – Page 3

IT threat evolution in Q2 2022. Non-mobile statistics

Posted on August 15, 2022 by AMR

Our non-mobile malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. Continue reading IT threat evolution in Q2 2022. Non-mobile statistics→

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

Posted on June 6, 2022 by AMR

At the end of May, researchers reported a new zero-day vulnerability in MSDT that can be exploited using Microsoft Office documents. The vulnerability, which dubbed Follina, later received the identifier CVE-2022-30190. Continue reading CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction→

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

Posted on June 6, 2022 by AMR

Answering Log4Shell-related questions

Posted on December 20, 2021 by Kaspersky

Check out the answers to some of users’ biggest security questions about the Log4Shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105). Continue reading Answering Log4Shell-related questions→

Kaspersky Security Bulletin 2021. Statistics

Posted on December 15, 2021 by Kaspersky

Key statistics for 2021: miners, ransomware, trojan bankers and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. Continue reading Kaspersky Security Bulletin 2021. Statistics→

Kaspersky Security Bulletin 2021. Statistics

Posted on December 15, 2021 by Kaspersky

CVE-2021-44228 vulnerability in Apache Log4j library

Posted on December 13, 2021 by AMR

The summary of the critical vulnerability CVE-2021-44228 in the Apache Log4j library, technical details and mitigations. Continue reading CVE-2021-44228 vulnerability in Apache Log4j library→

Threats to ICS and industrial enterprises in 2022

Posted on November 23, 2021 by Evgeny Goncharov

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. Continue reading Threats to ICS and industrial enterprises in 2022→

Advanced threat predictions for 2022

Posted on November 17, 2021 by GReAT

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Continue reading Advanced threat predictions for 2022→

MysterySnail attacks with Windows zero-day

Posted on October 12, 2021 by Boris Larin, Costin Raiu

We detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. Variants of the malware payload used along with the zero-day exploit were detected in widespread espionage campaigns. We are calling this cluster of activity MysterySnail. Continue reading MysterySnail attacks with Windows zero-day→