-
Kaspersky discovers new Ymir ransomware used together with RustyStealer
- November 11, 2024
- Posted by: chuckb
- Category: Securelist
-
QSC: new modular framework in CloudComputating campaigns
- November 8, 2024
- Posted by: chuckb
- Category: Securelist
-
SteelFox Trojan imitates popular products to drop stealer and miner malware
- November 6, 2024
- Posted by: chuckb
- Category: Securelist
In August 2024, we uncovered “SteelFox,” a new crimeware bundle that spreads through torrent trackers and imitated software like AutoCAD. Utilizing advanced techniques like shellcoding and abuse of drivers, it steals credit card data, posing a significant threat.
-
Cyberthreats in the Middle East H1 2024
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
The Kaspersky Digital Footprint Intelligence team analyzed dark web threats targeting businesses and governments in the Middle East in H1 2024. The report identifies severe threats like hacktivism, ransomware gangs, and data breaches that jeopardize operational integrity.
-
SideWinder APT’s post-exploitation framework analysis
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
-
Kernel shellcode persistence technique in APT attacks and SAS CTF challenge
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
-
Analyzing the familiar tools used by the Crypt Ghouls hacktivists
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
In December, a new ransomware group targeting Russian entities was identified, named “Crypt Ghouls”. The group linked its campaign to existing threats, utilizing tools like Mimikatz and LockBit 3.0. They gained access via compromised contractor credentials over a VPN, showcasing evolving tactics.
-
Stealers on the rise: Kral, AMOS, Vidar and ACR
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
In 2023, nearly 10 million devices were targeted by information stealers, tools used for credential theft and cyberattacks. The Kral and AMOS stealers, identified this year, exploit phishing tactics and disguise themselves to collect sensitive data, emphasizing ongoing threats.
-
Grandoreiro banking trojan: overview of recent versions and new tricks
- November 4, 2024
- Posted by: chuckb
- Category: Securelist
Grandoreiro, a notorious Brazilian banking trojan, has been active since 2016, targeting 1,700 banks and 276 crypto wallets across 45 countries in 2024. Despite law enforcement arrests, its operators continue to innovate, evading detection and expanding tactics, including mouse movement tracking to bypass anti-fraud solutions.
-
Lazarus APT steals cryptocurrency and user data via a decoy MOBA game
- November 4, 2024
- Posted by: chuckb
- Category: Securelist