All publications

Reports

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Archive

Managed detection and response in 2024

Spam and phishing in 2024

StaryDobry ruins New Year’s Eve, delivering miner instead of presents

Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024

Take my money: OCR crypto stealers in Google Play and App Store

One policy to rule them all

No need to RSVP: a closer look at the Tria stealer campaign

Threat predictions for industrial enterprises 2025

Mercedes-Benz Head Unit security research report

EAGERBEE, with updated and novel components, targets the Middle East

Threat landscape for industrial automation systems in Q3 2024

Cloud Atlas seen using a new tool in its attacks

BellaCPP: Discovering a new BellaCiao variant written in C++

Attackers exploiting a patched FortiClient EMS vulnerability in the wild

Lazarus group evolves its infection chain with old and new malware

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Subscribe to our weekly e-mails