Securelist (@securelist) 's Twitter Profile
Securelist

@securelist

The resource for Kaspersky experts' technical research, analysis, and thoughts.

ID: 27991336

Link: http://www.securelist.com

Joined: 31-03-2009 23:17:40

2,2K Tweets

19,19K Followers

1,1K Following

Securelist (@securelist) 's Twitter Profile Photo

We look at memory corruption vulnerabilities in the open-source projects Suricata and FreeRDP and see what you can do to mitigate them. securelist.com/suricata-freer…

TheSAS2025 (@thesascon) 's Twitter Profile Photo

🍎 Since the last SAS, we've all been very curious about iOS hacking, so a talk on this topic is a welcome addition to the #TheSAS2024 agenda! ✨ Lars Fröder (opa334@infosec.exchange) will cover the state of iOS hacking in 2024 and discuss Apple's protections against kernel exploitation—and
Securelist (@securelist) 's Twitter Profile Photo

Recently we have discovered a well-known #Necro downloader hiding inside a modified #Spotify app: opentip.kaspersky.com/acb7a06803e6de…. It’s similar to the Triada trojan and is capable of downloading and launching arbitrary DEX files. It’s distributed through websites offering Spotify

Securelist (@securelist) 's Twitter Profile Photo

In large organizations, you might encounter incredibly old computers based on 1960s technologies. These mainframes are not only unique in their software and hardware architecture but also quite fragile — it's crucial not to disrupt their operation, as it directly impacts business

Securelist (@securelist) 's Twitter Profile Photo

We have discovered a new web shell infection which is targeting a government entity in the Middle East. This is a new variant of a known China Chopper malware & has been attributed to Tropic Trooper group which has been active for over a decade. More ⇒ kas.pr/2aex

Securelist (@securelist) 's Twitter Profile Photo

-=TWELVE=- is a threat group which is primarily targeting Russian government organizations. They specialize in encrypting and then deleting victims’ data, which suggests that their main goal is to inflict as much damage as possible on endpoints. We look at the evolution of the

Securelist (@securelist) 's Twitter Profile Photo

Regular readers may recall when we wrote about 'Necro', which we first talked about way back in 2019. Back then, we discovered a Trojan in CamScanner which had managed to clock up over 100 million downloads on Google Play. Fast-forward to today and the trojan has found its

Securelist (@securelist) 's Twitter Profile Photo

For close to 20 years, we've used machine learning to help us automate threat detection, anomaly recognition, as well as enhance the accuracy of malware identification. In our latest article, we look at how we managed to achieve a 25% increase in APT detection via ML. Learn

Securelist (@securelist) 's Twitter Profile Photo

Although not exactly new, criminals are spreading malware through fake websites with popular software such as #uTorrent, Microsoft Office, and Minecraft. They're also looking to spread their malware through #Telegram and #YouTube channels, installing Wazuh SIEM agents on victims’

Securelist (@securelist) 's Twitter Profile Photo

We've recently discovered a new Trojan, dubbed Awaken Likho, which is targeting Russian government agencies and industrial enterprises. Active since 2021, it has recently updated its toolkit and has replaced UltraVNC with MeshAgent, an open-source remote management tool.

Securelist (@securelist) 's Twitter Profile Photo

Analysis of new Crypt Ghouls threat group 👻 Last December, we discovered a new group targeting Russian businesses and government agencies with #ransomware. Investigation into this group’s activity suggests a connection between it and other groups which are actively targeting

Securelist (@securelist) 's Twitter Profile Photo

Grandoreiro is a well-known Brazilian banking trojan, which forms part of the Tetrade umbrella and has been active since at least 2016. INTERPOL and law enforcement agencies across the globe continue to fight against it, and we're proud to be a big part in that fight, sharing TTPs

Securelist (@securelist) 's Twitter Profile Photo

We've written extensively about the Lazarus APT and its BlueNoroff subgroup here at Kaspersky and they're often at the forefront of APT innovation and experimentation. Recently we detected a new Manuscrypt infection on the personal computer of a person living in Russia. This is

Securelist (@securelist) 's Twitter Profile Photo

"The equipment they use is unlike what you find in a typical IT environment,” explains Emad Haffar, META’s Head of Tech Experts. “Heavy-duty, industrial machinery is integral to moving cargo and coordinating logistics. If even one of these machines is compromised, it could