Threat Category: Vulnerabilities and exploits | Page 3

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities.

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Generative AI has become the trendiest technology of 2023. Kaspersky reviews AI-related security concerns, and implementations of this technology in cyberdefense and red teaming, and provides predictions for 2024.

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China.

PC malware statistics for Q3 2023 include data on miners, ransomware, banking Trojans and other threats to Windows, macOS and IoT equipment.

PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

We will highlight the key points and then focus on the initial use of the CVE-2023-23397 vulnerability by attackers before it became public.

PC malware statistics for the Q1 2023 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks.

What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project?

Reports

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Vulnerabilities and exploits

Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)

Windows CLFS and five exploits used by ransomware operators

Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

Story of the year: the impact of AI on cybersecurity

Kaspersky Security Bulletin 2023. Statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

IT threat evolution in Q2 2023. Non-mobile statistics

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

IT threat evolution in Q1 2023. Non-mobile statistics

Nokoyawa ransomware attacks with Windows zero-day

Good, Perfect, Best: how the analyst can enhance penetration testing results

Reports

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Subscribe to our weekly e-mails