In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. We called these new modules ‘Reductor’ after a .pdb path left in some samples.
Now one can say that only the lazy did not use Hqwar: Kaspersky’s collection of viruses features over 200,000 Trojans packed using Hqwar. Read Full Article
Nowadays, cybercriminals have a thousand and one ways of creating and spreading ransomware. However, those fighting ransomware are not standing still either. In fact, we have two pieces of good news to share with you. Read Full Article
We decided to study the live threats to building-based automation systems and to see what malware their owners encountered in the first six months of 2019. Read Full Article
An extremely dangerous threat is a targeted attack on macOS and iOS users, mainly business users. Several well-known cybercriminal groups are currently working to develop malware for these operating systems. Read Full Article
BRATA” is a new Android remote access tool malware family. It exclusively targets victims in Brazil: however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. Read Full Article
This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer conversations and incident response deliverables to provide you an overview in numbers. Read Full Article
Cybercriminals continue to look for new ways to deliver spam and improve old ones. In Q2, they used popular Google services to distribute spam. Blackmailers are also trying out new methods. Alongside threats to ordinary users, attempts were made to blackmail companies by threatening to send spam mailings in their name. Read Full Article
Recently, the popular CamScanner – Phone PDF creator app caught our attention. After analyzing the app, we saw that the developer added an advertising library to it that contains a malicious dropper component. Read Full Article
One of the most common attack on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to workstations through less-than-strong administrator password. Read Full Article