Security Researcher, Global Research & Analysis Team
Santiago Pontiroli joined Kaspersky's Global Research and Analysis Team (GReAT) as a security researcher in 2013. His principal responsibilities include the analysis and investigation of security threats in the Latin American region, the development of automatization tools, reverse engineering of programs with malicious code and creating analysis reports derived from threat intelligence studies. His expertise includes the analysis of gaming trends and threats, the evolution of the cryptocurrency sector and implementation of blockchain technologies. Santiago regularly trains executives in topics such as threat intelligence, YARA, and advanced malware analysis. He has been quoted in industry publications across Latin America and has participated as a notable speaker in industry conferences worldwide, including Virus Bulletin, BSides New York and Chile, Kaspersky Security Analyst Summit (SAS) and Nuit du Hack, among others. Santiago holds degrees in systems engineering and systems analysis from the Universidad Tecnológica Nacional F.R.L.P in Buenos Aires, Argentina.We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.
In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.
Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.