Zero-day vulnerabilities – Page 4

Threats to ICS and industrial enterprises in 2022

Posted on November 23, 2021 by Evgeny Goncharov

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year. Continue reading Threats to ICS and industrial enterprises in 2022→

Advanced threat predictions for 2022

Posted on November 17, 2021 by GReAT

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Continue reading Advanced threat predictions for 2022→

MysterySnail attacks with Windows zero-day

Posted on October 12, 2021 by Boris Larin, Costin Raiu

We detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. Variants of the malware payload used along with the zero-day exploit were detected in widespread espionage campaigns. We are calling this cluster of activity MysterySnail. Continue reading MysterySnail attacks with Windows zero-day→

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Posted on September 16, 2021 by AMR

Last week, Microsoft reported the RCE vulnerability CVE-2021-40444 in the MSHTML browser engine. Kaspersky is aware of targeted attacks using this vulnerability, and our products protect against attacks leveraging it. Continue reading Exploitation of the CVE-2021-40444 vulnerability in MSHTML→

IT threat evolution Q2 2021

Posted on August 12, 2021 by David Emm

Ferocious Kitten, TunnelSnake, PuzzleMaker and other threat actors, zero-day vulnerabilities, ransomware and banking Trojans – check out our review of Q2 2021. Continue reading IT threat evolution Q2 2021→

IT threat evolution in Q2 2021. PC statistics

Posted on August 12, 2021 by AMR

PC threat statistics for Q2 2021 contain data on miners, encrypting ransomware, financial malware and threats to Windows, macOS and IoT. Continue reading IT threat evolution in Q2 2021. PC statistics→

APT trends report Q2 2021

Posted on July 29, 2021 by GReAT

This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc. Continue reading APT trends report Q2 2021→

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)

Posted on July 8, 2021 by Kaspersky

Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities. Continue reading Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)→

7 zero-day vulnerabilities, 6 of which have been actively exploited, have been fixed this Patch Tuesday

Posted on June 8, 2021 by Karthika Surendran

The second Tuesday of the month is here, which, in the IT world, means it’s Patch Tuesday. It’s important to patch diligently and regularly to keep cyberthreats and attacks away. This month, Microsoft has released security fixes to address 50 …
The pos… Continue reading 7 zero-day vulnerabilities, 6 of which have been actively exploited, have been fixed this Patch Tuesday→

APT trends report Q1 2021

Posted on April 27, 2021 by GReAT

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2021→