Introduction Traditionally, most malicious objects detected on the macOS platform are adware: besides the already familiar Shlayer family, the TOP 10 includes Bnodlero, Cimpli, Adload and Pirrit adware. As a rule, most tend to...
Introduction A short while ago, Apple released Mac computers with the new chip called Apple M1. The unexpected release was a milestone in the Apple hardware industry. However, as technology evolves, we also observe...
Some time ago, we discovered a number of fake apps delivering a Monero cryptocurrency miner to user computers. They are distributed through malicious websites that may turn up in the victim’s search results. By...
Lazarus targets defense industry with ThreatNeedle (PDF) We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending...
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their...
Whilst monitoring the Lazarus group’s campaigns focusing on several industries, Kaspersky discovered that they just lately went just after COVID-19-connected entities, which include a pharma company and a authorities ministry. Graphic and Post Resource...
On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to as UNC2452 or DarkHalo planted a backdoor in the SolarWinds Orion IT software. This...
We track the ongoing activities of more than 900 advanced threat actors; you can find our quarterly overviews here, here and here. Here we try to focus on what we consider to be the...
When we talk about ransomware, we need to draw a line between what it used to be and what it currently is. Why? Because nowadays ransomware is not just about encrypting data – it’s...
The new trojan has been infecting cell products to goal economical apps from banking institutions, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique. Picture and Write-up Source link Study far...
In the past yr, Maze ransomware has turn out to be a person of the most infamous malware family members threatening organizations and large businesses, like LG, Southwire, and the Town of Pensacola. Picture...
On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our...
Part II. Technical details (PDF) UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically...
IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics Targeted attacks PhantomLance: hiding in plain sight In April, we reported the results of our investigation into a mobile spyware...
In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit...
The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment...
