Category: SECURELIST
-
ToddyCat is making holes in your infrastructure
We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target …
-
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and …
-
SoumniBot: the new Android banker’s unique techniques
We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and …
-
Using the LockBit builder to generate targeted ransomware
Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted …
-
XZ backdoor story – Initial analysis
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server …
-
DinodasRAT Linux implant targeting entities worldwide
In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since …
-
Android malware, Android malware and more Android malware
In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking …
-
Threat landscape for industrial automation systems. H2 2023
Kaspersky ICS CERT shares industrial threat statistics for H2 2023: most commonly detected malicious objects, threat sources, threat …
-
A patched Windows attack surface is still exploitable
In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft …
-
What’s in your notepad? Infected text editors target Chinese users
Infected versions of the text editors VNote and Notepad‐‐ for Linux and macOS, apparently loading a backdoor, are being …
●●●