VIRUS-NEWS
Two more malicious Python packages in the PyPI
by Leonid Bezvershenko, Igor Kuznetsov16 Aug 2022 at 12:00pm
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI. They were masquerading as one of the most popular open-source packages named ?requests?.
Threat in your browser: what dangers innocent-looking extensions hold for users
by Kaspersky16 Aug 2022 at 8:00am
In this research, we observed various types of threats that mimic useful web browser extensions, and the number of users attacked by them.
IT threat evolution in Q2 2022. Mobile statistics
by Tatyana Shishkova15 Aug 2022 at 12:00pm
In Q2 2022, we detected 405,684 mobile malware installation packages, of which 55,614 packages were related to mobile banking trojans, and 3,821 packages were mobile ransomware trojans.
IT threat evolution in Q2 2022. Non-mobile statistics
by AMR15 Aug 2022 at 12:00pm
Our non-mobile malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.
IT threat evolution Q2 2022
by David Emm15 Aug 2022 at 12:00pm
ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families.
OpenTIP, command line edition
by Igor Kuznetsov11 Aug 2022 at 8:30am
We released Python-based command line tools for our OpenTIP service that also implement a client class that you can reuse in your own tools.
VileRAT: DeathStalker?s continuous strike at foreign and cryptocurrency excha...
by Pierre Delcher, Giampaolo Dedola10 Aug 2022 at 10:00am
VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.
Andariel deploys DTrack and Maui ransomware
by Kurt Baumgartner, Seongsu Park9 Aug 2022 at 10:00am
Earlier, the CISA published an alert related to a Stairwell report, ?Maui Ransomware.? Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.
Targeted attack on industrial enterprises and public institutions
by Kaspersky ICS CERT8 Aug 2022 at 8:00am
Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428.
DDoS attacks in Q2 2022
by Alexander Gutnikov, Oleg Kupreev, Yaroslav Shmelev3 Aug 2022 at 8:00am
Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in Q1. Also, we saw the continuation of a trend that began in spring: an increase in superlong attacks.
