Who’s who in the Zoo

ZooPark is a cyberespionage operation that has been focusing on Middle Eastern targets since at least June 2015. The threat actors behind the operation infect Android devices using several generations of malware, with the attackers including new features in each iteration. Read Full Article

APT Trends report Q3 2017

Beginning in the second quarter of 2017, Kaspersky’s Global Research and Analysis Team (GReAT) began publishing summaries of the quarter’s private threat intelligence reports in an effort to make the public aware of what research we have been conducting.  This report serves as the next installment, focusing on important reports produced during Q3 of 2017. Read Full Article

Trust me, I have a pen

Earlier today we became aware of a malicious website delivering Petya through the Hunter exploit kit. While there is nothing special about yet another exploit kit page, this one caught our attention because it mimics the index page of our sinkhole systems. Read Full Article

The Epic Turla Operation

Over the last 10 months, we have analyzed a massive cyber-espionage operation which we call “Epic Turla”. The attackers have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies. We observed exploits against older (patched) vulnerabilities, social engineering techniques and watering hole strategies. Read Full Article