VIRUS-NEWS
Shlayer Trojan attacks one in ten macOS users
by Anton V. Ivanov23 Jan 2020 at 10:00am
For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once.
Smartphone shopaholic
by Igor Golovin9 Jan 2020 at 10:00am
Cybercriminals use Trojan-Dropper.AndroidOS.Shopper.a to boost certain app?s rating and increase the number of installations and registrations. All this can be used, among other things, to dupe advertisers.
Operation AppleJeus Sequel
by GReAT8 Jan 2020 at 10:00am
To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk.
How we developed our simple Harbour decompiler
by Konstantin Zykov20 Dec 2019 at 12:00pm
There were no readily available tools to analyze how the program written in Harbour works. So, we wrote our own. We hope this decompiler makes analyzing samples written in Harbour a little bit easier for others as well.
OilRig?s Poison Frog ? old samples, same trick
by GReAT17 Dec 2019 at 12:00pm
After we wrote our private report on the OilRig leak, we decided to scan our archives with our YARA rule, to hunt for new and older samples. Aside from finding some new samples, we believe we also succeeded in finding some of the first Poison Frog samples.
Kaspersky Security Bulletin 2019. Statistics
by AMR12 Dec 2019 at 12:00pm
During the year, Kaspersky solutions repelled 975 491 360 attacks launched from online resources located all over the world and 273 782 113 unique URLs were recognized as malicious by web antivirus components.
Story of the year 2019: Cities under ransomware siege
by Kaspersky11 Dec 2019 at 10:00am
Based on publicly available statistics and announcements monitored by Kaspersky experts, 2019 has seen at least 174 municipal organizations targeted by ransomware.
Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
by AMR10 Dec 2019 at 8:00pm
During our investigation, we discovered that yet another 0-day exploit (CVE-2019-1458) was used in Operation WizardOpium attacks.
APT review: what the world?s threat actors got up to in 2019
by David Emm4 Dec 2019 at 10:00am
What were the most interesting developments in terms of APT activity during the year and what can we learn from them?
Corporate security prediction 2020
by Petr Mareichev3 Dec 2019 at 10:00am
The popularity of cloud services is growing, and threat actors are here to exploit the trend.
