Web threats

We invited notable experts to share their insights and unbiased opinions on what we should expect from cybersecurity in the following year.

In Q3 2022, the situation on the DDoS market stabilized, and sophisticated attacks on HTTP(S) began to hold sway over simple TCP attacks.

This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks.

NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others.

In this report, we analyze malware, potentially unwanted applications and phishing cases related to most popular video games and cheats for these games.

In this research, we observed various types of threats that mimic useful web browser extensions, and the number of users attacked by them.

Our non-mobile malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families.

Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in Q1. Also, we saw the continuation of a trend that began in spring: an increase in superlong attacks.

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2.

In Q4 2021, as expected, the number of DDoS attacks rose, while DDoS botnets weaponized a Log4Shell vulnerability. In this report, we present the main DDoS trends and statistics.

This report contains statistics and observations on vulnerabilities, phishing schemes and malware related to telehealth.

Kaspersky Safe Kids statistics on categories of websites, mobile apps and YouTube searches, plus some suggestions on what to buy children for Christmas this year.

Check out the answers to some of users’ biggest security questions about the Log4Shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105).