VIRUS-NEWS
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware
by GReAT, 18 Apr 2024 at 10:00am
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.
SoumniBot: the new Android banker’s unique techniques
by Dmitry Kalinin, 17 Apr 2024 at 10:00am
We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection.
Using the LockBit builder to generate targeted ransomware
by Eduardo Ovalle, Francesco Figurelli, Cristian Souza, Ashley Muñoz, 15 Apr 2024 at 10:00am
Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.
XZ backdoor story – Initial analysis
by GReAT, 12 Apr 2024 at 8:00am
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in the OpenSSH server process.
DinodasRAT Linux implant targeting entities worldwide
by Anderson Leite, Lisandro Ubiedo, 28 Mar 2024 at 1:00pm
In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since 2022.
Android malware, Android malware and more Android malware
by GReAT, 20 Mar 2024 at 11:00am
In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan.
Threat landscape for industrial automation systems. H2 2023
by Kaspersky ICS CERT, 19 Mar 2024 at 10:00am
Kaspersky ICS CERT shares industrial threat statistics for H2 2023: most commonly detected malicious objects, threat sources, threat landscape by industry and region.
A patched Windows attack surface is still exploitable
by Elsayed Elrefaei, Ashraf Refaat, Kaspersky GERT, 14 Mar 2024 at 10:00am
In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them.
What’s in your notepad? Infected text editors target Chinese users
by Sergey Puzan, 13 Mar 2024 at 11:29am
Infected versions of the text editors VNote and Notepad-- for Linux and macOS, apparently loading a backdoor, are being distributed through a Chinese search engine.
The State of Stalkerware in 2023–2024
by Kaspersky, 13 Mar 2024 at 8:00am
In this report, Kaspersky shares statistics on stalkerware detections, as well as insights into the impact of digital stalking in 2023 and the beginning of 2024, and advice for those affected.