All publications

Reports

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

Archive

The state of cryptojacking in the first three quarters of 2022

Cybersecurity threats: what awaits us in 2023?

DDoS attacks in Q3 2022

Server-side attacks, C&C in public clouds and other MDR cases we observed

APT trends report Q3 2022

APT10: Tracking down LODEINFO 2022, part II

APT10: Tracking down LODEINFO 2022, part I

DiceyF deploys GamePlayerFramework in online casino development studio

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Malicious WhatsApp mod distributed through legitimate apps

TOP 10 unattributed APT mysteries

A look at the 2020–2022 ATM/PoS malware landscape

Uncommon infection and malware propagation methods

OnionPoison: infected Tor Browser installer distributed through popular YouTube channel

DeftTorero: tactics, techniques and procedures of intrusions revealed

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Subscribe to our weekly e-mails