More Bagles…

19 Sep 2005

minute read

Authors

Roel Schouwenberg

During the last six hours or so we’ve seen another flurry of Bagle variants.

The first variant of the day was detected as Email-Worm.Win32.Bagle.cx while we are up to Bagle.dc right now.
And an urgent update for Bagle.de is already on its way, talk about a busy day.

We have a moderate alert on Bagle.cy out and contrary to the spam run of almost a week ago, all these samples dó work on NT platforms.

Again the word “price” is popular with these Bagles, so keep a look out for it.

Authors

Roel Schouwenberg

More Bagles…

Latest Posts

Latest Webinars

Reports

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla.

More Bagles…

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

ZeroLocker won’t come to your rescue

A Post-PC BlackHat?

Adobe Updates April 2014

Trust. Trust. Trust

Adobe’s First Patch Tuesday of 2014

QBot banker delivered through business correspondence

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Two more malicious Python packages in the PyPI

Latest Posts

The nature of cyberincidents in 2022

New ransomware trends in 2023

Not quite an Easter egg: a new family of Trojan subscribers on Google Play

Managed Detection and Response in 2022

Latest Webinars

Ransomware trends in 2023

Cryptocurrency Threat Landscape Trends in 2023

Ransomware groups negotiation tactics: what you need to know

ChatGPT – good or evil? AI impact on cybersecurity

Reports

Meet the GoldenJackal APT group. Don’t expect any howls

CloudWizard APT: the bad magic story goes on

APT trends report Q1 2023

Tomiris called, they want their Turla malware back

Subscribe to our weekly e-mails