Year: 2017 | Securelist

In IR cases we use a very simple script that is uploaded to every Windows computer in the corporate network to collect logs, NTFS data, entries from the Windows registry and strings from the binary files to find out how exactly the attackers were moving through the network. It’s holiday season and it is our pleasure to share this script with you.

2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001

Authors Categories Tags

Reports

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Archive

Happy IR in the New Year!

Nhash: petty pranks with big finances

Travle aka PYLOT backdoor hits Russian-speaking targets

Jack of all trades

Kaspersky Security Bulletin. Overall statistics for 2017

Still Stealing

Cybercriminals vs financial institutions in 2018: what to expect

Kaspersky Security Bulletin: Review of the Year 2017

Kaspersky Security Bulletin: Story of the year 2017

IoT lottery: finding a perfectly secure connected device

Android commercial spyware

Threat Predictions for Connected Life in 2018

Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

Investigation Report for the September 2014 Equation malware detection incident in the US

Threat Predictions for Cryptocurrencies in 2018

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

APT trends report Q3 2024

Subscribe to our weekly e-mails