During the reported period, our MDR processed approximately 65 000 alerts, followed by an investigation that resulted in 1 506 incidents reported to customers, approximately 93% of which were mapped to the MITRE ATT&CK framework.
Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe.
We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.
Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities.
We found new malware samples used in WildPressure campaigns: newer version of the C++ Milum Trojan, a corresponding VBScript variant with the same version number, and a Python script working on both Windows and macOS.
An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers.
Last year, we took a look at how the pandemic influenced the threat landscape for gamers and the gaming industry. One year later, online gamers are even more active, and cybercriminals continue to exploit this.
The pandemic and the restrictions that came with it have led to an increase in the popularity of dating apps. But what about their security?
Dan Demeter, Senior Security Researcher with Kaspersky's Global Research and Analysis Team and head of Kaspersky's Honeypot project, explains what honeypots are, why they're recommended for catching external threats, and how you can set up your own simple SSH-honeypot.
In mid-March 2021, we observed two new spam campaigns delivering banking Trojans. The payload in most cases was IcedID, but we have also seen a few QBot (aka QakBot) samples.
Сybersecurity companies implement a variety of methods to discover previously unknown malware files. Machine learning (ML) is a powerful and widely used approach for this task. But can we rely entirely on machine learning approaches in the battle with the bad guys? Or could powerful AI itself be vulnerable?
Costin Raiu has been with Kaspersky since 2000. In 2010, he became Director of our Global Research and Analysis Team (GReAT). In our interview with Costin, he spoke about the job of a security researcher, its challenges and advantages, and offered some advice for newcomers to cybersecurity.
Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065).
Subscribe to Secure List feed