Year: 2018 | Page 4 | Securelist

Reports

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Archive

KeyPass ransomware

IT threat evolution Q2 2018

IT threat evolution Q2 2018. Statistics

How do file partner programs work?

Attacks on industrial enterprises using RMS and TeamViewer

A mining multitool

A study of car sharing apps

DDoS attacks in Q2 2018

Calisto Trojan for macOS

Online generators… of dashed expectations

The return of Fantomas, or how we deciphered Cryakl

Coinvault, the court case

APT Trends Report Q2 2018

In cryptoland, trust can be costly

To crypt, or to mine – that is the question

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Subscribe to our weekly e-mails