Recent Cloud Atlas activity

From the beginning of 2019 until July, we have been able to identify different spear-phishing campaigns related to Cloud Atlas mostly focused on Russia, Central Asia and regions of Ukraine with ongoing military conflicts. Read Full Article

APT trends report Q2 2019

The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q2 2019. Read Full Article

New FinSpy iOS and Android implants revealed ITW

FinSpy is used to collect a variety of private user information on various platforms. Since 2011 Kaspersky has continuously monitored the development of this malware and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019. Read Full Article

‘Twas the night before

Recently, the United States Cyber Command highlighted several VirusTotal uploads of theirs – and the executable objects relating to 2016 – 2017 NewsBeef/APT33 activity are interesting for a variety of reasons. Read Full Article

Zebrocy’s Multilanguage Malware Salad

Zebrocy is Russian speaking APT that presents a strange set of stripes. Essentially, at our SAS2019 presentation, we publicly provided original insights on Zebrocy and their characteristics for the first time, based on five years of research and private reports on this group. Read Full Article

no-image

The 2019 DBIR is out

We are happy to support a large, voluntary, collaborative effort like the 2019 Data Breach Investigations Report. While our data contribution is completely anonymous, it is based in some of the 2018 data set that our private report customers receive. Read Full Article