Year: 2015 | Page 3 | Securelist

Reports

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Archive

Coinvault, are we reaching the end of the nightmare?

Can an inevitable evil be conquered?

The Shade Encryptor: a Double Threat

Satellite Turla: APT Command and Control in the Sky

Attacking Diffie-Hellman protocol implementation in the Angler Exploit Kit

Our Fifth Latin American Security Analysts Summit in Santiago de Chile

TGIF(P) – Thank god it’s fried phish

Taking A Break From Research To Accelerate Startups: SSC 2015

Taking root

A Phishing Trampoline – embedding redirects in PDF documents

New activity of the Blue Termite APT

You’re Paying for Your Starbucks, One Way or the Other

Indicators of compromise as a way to reduce risk

What is a secure OS?

Spam and phishing in Q2 2015

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Subscribe to our weekly e-mails