VIRUS-NEWS
APT trends report Q2 2021
by GReAT29 Jul 2021 at 10:00am
This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc.
DDoS attacks in Q2 2021
by Alexander Gutnikov, Ekaterina Badovskaya, Oleg Kupreev, Yaroslav Shmelev28 Jul 2021 at 10:00am
In this report you'll find Kaspersky DDoS Intelligence statistics, news overview and DDoS market trends and predictions for Q2 2021.
Managed Detection and Response in Q4 2020
by Kaspersky Security Services21 Jul 2021 at 10:00am
During the reported period, our MDR processed approximately 65 000 alerts, followed by an investigation that resulted in 1 506 incidents reported to customers, approximately 93% of which were mapped to the MITRE ATT&CK framework.
Arrests of members of Tetrade seed groups Grandoreiro and Melcoz
by GReAT14 Jul 2021 at 6:00pm
Spain?s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe.
LuminousMoth APT: Sweeping attacks for the chosen few
by Mark Lechtik, Paul Rascagneres, Aseel Kayal14 Jul 2021 at 10:00am
We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.
Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)
by Kaspersky8 Jul 2021 at 5:00am
Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service ? CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities.
WildPressure targets the macOS platform
by Denis Legezo7 Jul 2021 at 10:00am
We found new malware samples used in WildPressure campaigns: newer version of the C++ Milum Trojan, a corresponding VBScript variant with the same version number, and a Python script working on both Windows and macOS.
REvil ransomware attack against MSPs and its clients around the world
by Kaspersky5 Jul 2021 at 1:00pm
An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers.
Do cybercriminals play cyber games in quarantine? A look one year later
by Maria Namestnikova1 Jul 2021 at 12:00pm
Last year, we took a look at how the pandemic influenced the threat landscape for gamers and the gaming industry. One year later, online gamers are even more active, and cybercriminals continue to exploit this.
Remote dating: How do the apps safeguard our data?
by Tatyana Shishkova29 Jun 2021 at 10:00am
The pandemic and the restrictions that came with it have led to an increase in the popularity of dating apps. But what about their security?
