Threat Category: Web threats

Kaspersky researchers discovered GitVenom campaign distributing stealers and open-source backdoors via fake GitHub projects.

Kaspersky experts review Do Not Track (DNT) statistics for the most widely used web tracking services in 2023 and 2024 operated by companies like Google, Microsoft, etc.

Kaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East.

Kaspersky experts review their privacy predictions for 2023 and last year’s trends, and try to predict what privacy concerns and solutions are to come in 2024.

An overview of last year’s predictions for corporate and dark web threats and our predictions for 2024.

We created a list of companies worldwide from different industries and searched through Darknet trying to find out how likely these companies have suffered a breach, what kind of data leaked, and what to do with it.

Generative AI has become the trendiest technology of 2023. Kaspersky reviews AI-related security concerns, and implementations of this technology in cyberdefense and red teaming, and provides predictions for 2024.

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Kaspersky experts review last year’s predictions on consumer cyberthreats and try to anticipate the trends for 2024.

As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.

We look at how user data privacy is handled by large language model-based chatbots: ChatGPT, Microsoft Bing, Google Bard, Anthropic Claude, You.com, and Bing.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

IoT threats: how devices get hacked, what malware is uploaded, and what services are on offer on the dark web in 2023.

PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

Recent BlueNoroff and Roaming Mantis activities, new APT related to the Russo-Ukrainian conflict, ChatGPT and threat intelligence, malvertising through search engines, cryptocurrency theft campaign and fake Tor browser

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Web threats

The GitVenom campaign: cryptocurrency theft using GitHub

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Tropic Trooper spies on government entities in the Middle East

Privacy predictions for 2024

Dark web threats and dark market predictions for 2024

What to do if your company was mentioned on Darknet?

Story of the year: the impact of AI on cybersecurity

Kaspersky Security Bulletin 2023. Statistics

Consumer cyberthreats: predictions for 2024

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

ChatGPT at work: how chatbots help employees, but threaten business

A cryptor, a stealer and a banking trojan

Overview of IoT threats in 2023

IT threat evolution in Q2 2023. Non-mobile statistics

IT threat evolution Q1 2023

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails