Year: 2022 | Page 3 | Securelist

Reports

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.

Archive

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Malicious WhatsApp mod distributed through legitimate apps

TOP 10 unattributed APT mysteries

A look at the 2020–2022 ATM/PoS malware landscape

Uncommon infection and malware propagation methods

OnionPoison: infected Tor Browser installer distributed through popular YouTube channel

DeftTorero: tactics, techniques and procedures of intrusions revealed

The secrets of Schneider Electric’s UMAS protocol

Prilex: the pricey prickle credit card complex

NullMixer: oodles of Trojans in a single dropper

Mass email campaign with a pinch of targeted spam

External attack surface and ongoing cybercriminal activity in APAC region

Self-spreading stealer attacks gamers via YouTube

Threat landscape for industrial automation systems for H1 2022

Good game, well played: an overview of gaming-related cyberthreats in 2022

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

RansomEXX Trojan attacks Linux systems

Subscribe

Reports

Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

APT trends report Q2 2024

Subscribe to our weekly e-mails