Senior Security Researcher, Global Research & Analysis Team
David joined Kaspersky in 2010 as a senior security researcher for the Nordic region. From his base in Sweden, he is also responsible for technical PR activities for the same region and for North Europe, where he acts as a technical spokesperson. David has a passion for researching vulnerabilities and threats. His research often focuses not only on vulnerabilities and threats in enterprise environments but also on social and psychological threats in, for example, social media. He also has a true passion for alternative operating systems such as UNIX, Linux, BSD, etc. Prior to joining Kaspersky, David worked in vulnerability research and vulnerability management. He was a senior security researcher, advisor and consultant at TrueSec AB. Before joining TrueSec AB in 2008, David worked for seven years at Outpost24, starting out as chief researcher and rising to vice president for customer experience by the time he left the company.
An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.
This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.
While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.
GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware: JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.