Year: 2019 | Page 2 | Securelist

Reports

We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.

New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

Archive

Unwanted notifications in browser

5G security and privacy for smart cities

Black Friday Alert 2019: Net Shopping Bag of Threats

The cybercrime ecosystem: attacking blogs

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020

DDoS attacks in Q3 2019

Titanium: the Platinum group strikes again

DarkUniverse – the mysterious APT framework #27

Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium

The cake is a lie! Uncovering the secret world of malware-like cheats in video games

Steam-powered scammers

Data collectors

APT trends report Q3 2019

IoT: a malware story

A glimpse into the present state of security in robotics

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

ToddyCat is making holes in your infrastructure

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Subscribe to our weekly e-mails