Year: 2018 | Page 7 | Securelist

Reports

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Archive

Your new friend, KLara

Threat Landscape for Industrial Automation Systems in H2 2017

Goodfellas, the Brazilian carding scene is after you

Time of death? A therapeutic postmortem of connected medicine

Somebody’s watching! When cameras are more than just ‘smart’

Masha and these Bears

The Slingshot APT FAQ

The devil’s in the Rich header

OlympicDestroyer is here to trick the industry

Mobile malware evolution 2017

Mining is the new black

Financial Cyberthreats in 2017

IoT hack: how to break a smart home… again

Tax refund, or How to lose your remaining cash

Disappearing bytes: Reverse engineering the MS Office RTF parser

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Subscribe to our weekly e-mails