Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor. This article has been indexed from Securelist Read the original article: EAGERBEE, with updated and novel components, targets the Middle East
Category: Securelist
Threat landscape for industrial automation systems in Q3 2024
The ICS CERT quarterly report covers threat landscape for industrial automation systems in Q3 2024. This article has been indexed from Securelist Read the original article: Threat landscape for industrial automation systems in Q3 2024
Cloud Atlas seen using a new tool in its attacks
We analyze the latest activity by the Cloud Atlas gang. The attacks employ the PowerShower, VBShower and VBCloud modules to download victims’ data with various PowerShell scripts. This article has been indexed from Securelist Read the original article: Cloud Atlas…
BellaCPP: Discovering a new BellaCiao variant written in C++
While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. This article has been indexed from Securelist Read the original article: BellaCPP: Discovering a new BellaCiao variant written in C++
Attackers exploiting a patched FortiClient EMS vulnerability in the wild
Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections. This article has been indexed from Securelist Read the original article: Attackers exploiting a patched FortiClient EMS vulnerability in…
Lazarus group evolves its infection chain with old and new malware
Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. This article has been indexed from Securelist Read the original article: Lazarus group evolves its infection…
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels. This article has been indexed from Securelist Read the original article: Analysis of Cyber Anarchy Squad attacks…
Download a banker to track your parcel
The Mamont banking trojan is spreading under the guise of a parcel-tracking app for fake stores claiming to offer goods at wholesale prices. This article has been indexed from Securelist Read the original article: Download a banker to track your…
Dark web threats and dark market predictions for 2025
Kaspersky experts review dark market trends in 2024, such as popularity of cryptors, loaders and crypto drainers on the dark web, and discuss what to expect in 2025. This article has been indexed from Securelist Read the original article: Dark…
Careto is back: what’s new after 10 years of silence?
Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence. This article has been indexed from Securelist Read the original article: Careto is back: what’s new after 10 years of silence?