VIRUS-NEWS
DDoS attacks in Q1 2019
by Oleg Kupreev21 May 2019 at 10:00am
Q1 2019 held no particular surprises, save for countries such as Saudi Arabia, the Netherlands, and Romania maintaining a high level of DDoS activity.
Spam and phishing in Q1 2019
by Maria Vergelis15 May 2019 at 10:00am
In Q1 2019, the average share of spam in global mail traffic rose by 0.06 p.p. to 55.97%, and the Anti-Phishing system prevented more than 111,832,308 redirects to phishing sites, up 35,220,650 in comparison with the previous reporting period.
ScarCruft continues to evolve, introduces Bluetooth harvester
by GReAT13 May 2019 at 10:00am
After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula.
The 2019 DBIR is out
by GReAT8 May 2019 at 8:23pm
We are happy to support a large, voluntary, collaborative effort like the 2019 Data Breach Investigations Report. While our data contribution is completely anonymous, it is based in some of the 2018 data set that our private report customers receive.
FIN7.5: the infamous cybercrime rig ?FIN7? continues its activities
by Yury Namestnikov8 May 2019 at 10:00am
In 2018-2019, researchers of Kaspersky Lab?s Global Research and Analysis Team analyzed various campaigns that used the same Tactics Tools and Procedures (TTPs) as the historic FIN7, leading the researchers to believe that this threat actor had remained active despite the 2018 arrests.
APT trends report Q1 2019
by GReAT30 Apr 2019 at 10:00am
This is our latest summary of APT activity, based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. It aims to highlight the significant events and findings that we feel people should be ...
I know what you did last summer, MuddyWater blending in the crowd
by GReAT29 Apr 2019 at 8:00am
This report details a collection of tools used by MuddyWater threat actor on its targets after initial infection. It also details deceptive techniques used to divert investigations once attack tools have been deployed inside victim systems.
Operation ShadowHammer: a high-profile supply chain attack
by GReAT23 Apr 2019 at 10:00am
In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility. Now it is time to share more details about the research with our readers.
New zero-day vulnerability CVE-2019-0859 in win32k.sys
by Vasily Berdnikov15 Apr 2019 at 10:00am
In March 2019, our automatic Exploit Prevention (EP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this event led to us discovering a zero-day vulnerability in win32k.sys
Large-scale SIM swap fraud
by Fabio Assolini11 Apr 2019 at 10:00am
If someone steals your phone number, you?ll face a lot of problems, especially because most of our modern two-factor authentication systems are based on SMSs that can be intercepted using this technique.
