Security News

  • Magnitude exploit kit – evolution

    Exploit kits still play a role in today’s threat landscape and continue to evolve. For this blogpost I studied and analyzed the evolution of one of the most sophisticated exploit kits out there – Magnitude EK – for a whole year.
  • Oh, what a boot-iful mornin’

    In mid-April, our threat monitoring systems detected malicious files being distributed under the name "on the new initiative of the World Bank in connection with the coronavirus pandemic" (in Russian) with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit.
  • Web skimming with Google Analytics

    Recently, we identified several cases where Google Analytics was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics.
  • Microcin is here

    In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. We attribute this campaign with high confidence to the SixLittleMonkeys (aka Microcin) threat actor.
  • Do cybercriminals play cyber games during quarantine?

    Thanks to the coronavirus pandemic, the role of the Internet in our lives has undergone changes, including irreversible ones. We decided to take a closer look at the changes around us through the prism of information security, starting with the video game industry.
  • Explicit content and cyberthreats: 2019 report

    Over the past two years we have reviewed how adult content has been used to spread malware and abuse users' privacy. This is a trend that's unlikely to go away, especially under current circumstances. While many pornography platforms are enjoying an influx of new users and providing legitimate and safe services, the security risks remain, if not increase.
  • Looking at Big Threats Using Code Similarity. Part 1

    Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience.
  • Cycldek: Bridging the (air) gap

    While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far.
  • Kids on the Web in 2020

    The world is witnessing an unprecedented demonstration of digital technology primarily helping children develop, rather than impede their development.
  • The zero-day exploits of Operation WizardOpium

    Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In this blog post we’d like to take a deep technical dive into the attack.

Leave a Reply

Your email address will not be published. Required fields are marked *