VIRUS-NEWS
MoonBounce: the dark side of UEFI firmware
by Mark Lechtik, Vasily Berdnikov, Denis Legezo, Ilya Borisov20 Jan 2022 at 10:00am
At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.
Campaigns abusing corporate trusted infrastructure hunt for corporate credent...
by Kirill Kruglov19 Jan 2022 at 10:00am
Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises.
The BlueNoroff cryptocurrency hunt is still on
by Seongsu Park, Vitaly Kamluk13 Jan 2022 at 9:00am
It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group?s illegal income.
Choosing Christmas gifts for kids: Squid Game and Huggy Wuggy are trending
by Anna Larkina22 Dec 2021 at 10:00am
Kaspersky Safe Kids statistics on categories of websites, mobile apps and YouTube searches, plus some suggestions on what to buy children for Christmas this year.
Answering Log4Shell-related questions
by Kaspersky20 Dec 2021 at 3:45pm
Check out the answers to some of users? biggest security questions about the Log4Shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105).
How and why do we attack our own Anti-Spam?
by Alan Savushkin, Nikita Benkovich, Daniil Kovalchuk20 Dec 2021 at 10:00am
How to trick the machine-learning model in Anti-Spam designed to detect and quarantine suspicious e-mails, and how to detect such attacks.
PseudoManuscrypt: a mass-scale spyware attack campaign
by Kaspersky ICS CERT16 Dec 2021 at 10:00am
Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group?s arsenal.
Kaspersky Managed Detection and Response: interesting cases
by Petr Mareichev, Sergey Soldatov15 Dec 2021 at 10:00am
Several interesting attacks detected by Kaspersky Managed Detection and Response (MDR): two PrintNightmare exploitation attempts, MuddyWater attack and LSASS credential dumping.
Kaspersky Security Bulletin 2021. Statistics
by AMR15 Dec 2021 at 10:00am
Key statistics for 2021: miners, ransomware, trojan bankers and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.
Owowa: the add-on that turns your OWA into a credential stealer and remote ac...
by Paul Rascagneres, Pierre Delcher14 Dec 2021 at 10:00am
We found a suspicious binary and determined it as an IIS module, aimed at stealing credentials and enabling remote command execution from OWA. We named the malicious module ?Owowa?,
