Travle aka PYLOT backdoor hits Russian-speaking targets

At the end of September, Palo Alto released a report on Unit42 activity where they – among other things – talked about PYLOT malware. We have been detecting attacks that employ this backdoor since at least 2015 and refer to it as Travle. Coincidentally, KL was recently involved in an investigation of a successful attack where Travle was detected, during which we conducted a deep analysis of this malware.

The Festive Complexities of SIGINT-Capable Threat Actors

The 2017 VirusBulletin conference is upon us and, as in previous years, we’re taking the opportunity to dive into an exciting subject, guided by our experience from doing hands-on APT research. This year we decided to put our heads together to understand the implications that the esoteric SIGINT practice of fourth-party collection could have on threat intelligence research.

Strategies for Mitigating Advanced Persistent Threats (APTs)

Part 1. How to mitigate APTs. Applied theory
Part 2. Top-4 mitigation strategies which address 85% of threats
Part 3. Strategies outside the Top-4. For real bulletproof defense
Part 4. Forewarned is Forearmed: the Detection Strategy against Advanced Persistent Threats (APTs)

Existing Kaspersky Lab products could considerably mitigate an enterprise’s possible losses from APTs. Specialized security solutions for warning about targeted attacks are additional featured layer…