Year: 2018 | Page 5 | Securelist

Reports

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Archive

Delving deep into VBScript

Ransomware and malicious crypto miners in 2016-2018

Pbot: evolving adware

Modern OSs for embedded systems

Hades, the actor behind Olympic Destroyer is still alive

LuckyMouse hits national data center to organize country-level waterholing campaign

A MitM extension for Chrome

FIFA public Wi-Fi guide: which host cities have the most secure networks?

Netkids

Trojan watch

2018 Fraud World Cup

VPNFilter EXIF to C2 mechanism analysed

Backdoors in D-Link’s backyard

Spam and phishing in Q1 2018

I know where your pet is

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Subscribe to our weekly e-mails