Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques. This article has been indexed from Securelist. Read the original article: Attackers distributing a miner and the ClipBanker Trojan via SourceForge
Category: Securelist
How ToddyCat tried to hide behind AV software
While analyzing a malicious DLL used in attacks by the APT group ToddyCat, a Kaspersky expert discovered the CVE-2024-11859 vulnerability in a component of ESET’s EPP solution.
A journey into forgotten Null Session and MS-RPC interfaces, part 2
A Kaspersky expert dissects the MS-RPC security mechanism and provides a step-by-step analysis of calling a function from the Netlogon interface.
TookPS: DeepSeek isn’t the only game in town
The TookPS malicious downloader is distributed under the guise of DeepSeek, and further mimics UltraViewer, AutoCAD, SketchUp, Ableton, and other popular tools.
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.
Financial cyberthreats in 2024
The Kaspersky financial threat report for 2024 contains the main trends and statistics on financial phishing and scams, mobile and PC banking malware, as well as recommendations on how to protect yourself and your business.
Threat landscape for industrial automation systems in Q4 2024
The report contains statistics on malware, initial infection vectors and other threats to industrial automation systems in Q4 2024.
Arcane stealer: We want all your data
The new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.
Head Mare and Twelve join forces to attack Russian entities
We analyze the activities of the Head Mare hacktivist group, which has been attacking Russian companies jointly with Twelve.
Incident response analyst report 2024
Kaspersky provides incident response statistics for 2024, as well as analysis of real incidents. The report also shares IR trends and cybersecurity recommendations.