Security News

  • Hunting APTs with YARA


    If you have wondered how to leverage YARA better and how to achieve a new level of knowledge in APT detection, mitigation and response, we can help a bit with a preview of the secret ingredients.
  • MonitorMinor: vicious stalkerware?


    The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality.
  • Cookiethief: a cookie-stealing Trojan for Android


    We recently discovered a new strain of Android malware. Trojan-Spy.AndroidOS.Cookiethief turned out to be quite simple. Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals’ server.
  • Mokes and Buerak distributed under the guise of security certificates


    We recently discovered a new approach to the well-known distributing malware technique: visitors to infected sites were informed that some kind of security certificate had expired.
  • Roaming Mantis, part V


    Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets continuously added in order to steal more funds.
  • Mobile malware evolution 2019


    In 2019, Kaspersky mobile products and technologies detected 3,503,952 malicious installation packages, 69,777 new mobile banking Trojans and 68,362 new mobile ransomware Trojans.
  • Cybersecurity Research During the Coronavirus Outbreak and After


    It is about two and half years since we first open-sourced a tool for remote digital forensics called Bitscout. Today, I am happy to announce that we are releasing a new version of Bitscout, based on the upcoming release of Ubuntu 20.04, scheduled for April 2020.
  • AZORult spreads as a fake ProtonVPN installer


    We discovered what appears to be one of AZORult's most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows.
  • DDoS attacks in Q4 2019


    In the last quarter of the year, the number of both attacks and C&C servers fell sharply, while the number of extra-long attacks (over 400 hours) was the highest ever recorded in the history of our observations.
  • KBOT: sometimes they come back


    We recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, a virus. It is the first “living” virus in recent years that we have spotted in the wild. We named it KBOT.

Leave a Reply

Your email address will not be published. Required fields are marked *