Threat Category: Vulnerabilities and exploits | Page 3

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities.

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Generative AI has become the trendiest technology of 2023. Kaspersky reviews AI-related security concerns, and implementations of this technology in cyberdefense and red teaming, and provides predictions for 2024.

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China.

PC malware statistics for Q3 2023 include data on miners, ransomware, banking Trojans and other threats to Windows, macOS and IoT equipment.

PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

We will highlight the key points and then focus on the initial use of the CVE-2023-23397 vulnerability by attackers before it became public.

PC malware statistics for the Q1 2023 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks.

What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project?

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Vulnerabilities and exploits

Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)

Windows CLFS and five exploits used by ransomware operators

Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

Story of the year: the impact of AI on cybersecurity

Kaspersky Security Bulletin 2023. Statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

IT threat evolution in Q2 2023. Non-mobile statistics

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

IT threat evolution in Q1 2023. Non-mobile statistics

Nokoyawa ransomware attacks with Windows zero-day

Good, Perfect, Best: how the analyst can enhance penetration testing results

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails