Nowadays, cybercriminals have a thousand and one ways of creating and spreading ransomware. However, those fighting ransomware are not standing still either. In fact, we have two pieces of good news to share with you. Read Full Article
New FinSpy iOS and Android implants revealed ITW
FinSpy is used to collect a variety of private user information on various platforms. Since 2011 Kaspersky has continuously monitored the development of this malware and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019. Read Full Article
Operation ShadowHammer: a high-profile supply chain attack
In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility. Now it is time to share more details about the research with our readers. Read Full Article
Project TajMahal – a sophisticated new APT framework
TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab in the autumn of 2018. Read Full Article
Operation ShadowHammer
Operation ShadowHammer is a newly discovered supply chain attack that leveraged ASUS Live Update software. While the investigation is still in progress and full results and technical paper will be published during SAS 2019 conference in Singapore, we would like to share some important details about the attack. Read Full Article
Kaspersky Security Bulletin 2018. Statistics
During the year, Kaspersky Lab solutions repelled 1 876 998 691 attacks launched from online resources located all over the world, 554 159 621 unique malicious objects were detected and 21 643 946 unique URLs were recognized as malicious by web antivirus components. Read Full Article
Zero-day exploit (CVE-2018-8453) used in targeted attacks
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. Microsoft confirmed the vulnerability and designated it CVE-2018-8453. Read Full Article