Kaspersky releases free tool that scans Linux for known threats

June 1, 2024 at 05:34PM
Kaspersky released a new virus removal tool called KVRT for Linux, offering free scanning and removal of malware and known threats. Recent backdoor examples disprove common misconceptions about Linux security. KVRT does not provide real-time protection; it scans for and cleans malware, adware, and more, and supports various Linux distributions. The tool …

Here’s yet more ransomware using BitLocker against Microsoft’s own users

May 23, 2024 at 05:34PM
Ransomware dubbed ShrinkLocker, utilizing Microsoft BitLocker to encrypt and extort payments, has been spotted by Kaspersky’s security team. The malware targets various sectors and hinders effective response, maximizing damage. It uses VBScript to determine the OS and allows attackers to change partition labels, extort victims, and delete recovery options. Kaspersky …

‘The Mask’ Espionage Group Resurfaces After 10-Year Hiatus

May 9, 2024 at 05:52PM
The “Careto” APT group, inactive for over a decade, has reemerged in cyber-espionage targeting entities in Latin America and Central Africa. Kaspersky researchers have identified previous victims and new targets, emphasizing the need to remain vigilant against long-dormant APTs. The group’s sophisticated attacks involve custom techniques and versatile implants, showcasing …

Kaspersky accused of helping Russia develop military drone systems

May 3, 2024 at 05:34PM
Open-source intelligence suggests that the US may consider imposing sanctions on Kaspersky due to its alleged involvement with Russian drone development in the Ukraine war. InformNapalm claims data from stolen documents indicate Kaspersky’s role in Albatross drone technology, leading to potential sanctions. Kaspersky denies most allegations, citing contextual misrepresentation and a …

ToddyCat APT Is Stealing Data on ‘Industrial Scale’

April 22, 2024 at 05:20PM
ToddyCat, an APT group, collects data on an industrial scale from government and defense targets in the Asia-Pacific region. They use multiple simultaneous connections to steal data and maintain access, and have links to attacks going back to at least December 2020. Kaspersky recommends specific actions for organizations to protect …

Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft

April 22, 2024 at 11:30AM
Russian cyber firm Kaspersky reports on the activities of threat actor ToddyCat, which primarily targets governmental and defense-related organizations in the Asia-Pacific region. The adversary employs various tools and techniques for large-scale data harvesting and data exfiltration, including passive backdoors and tunneling data gathering software to bypass defenses and access sensitive …

Researchers claim Windows Defender can be fooled into deleting databases

April 22, 2024 at 12:33AM
SafeBreach researchers at Black Hat Asia revealed flaws in Microsoft and Kaspersky security products, allowing remote file deletion even after patching. By implanting malware signatures into legitimate files, attackers could trigger the deletion. Though patches were issued, researchers bypassed them and reported further vulnerabilities, emphasizing the complexity of fixing remote …

Hackers Target Middle East Governments with Evasive “CR4T” Backdoor

April 19, 2024 at 02:45AM
Government entities in the Middle East are targets of cyber espionage through a new backdoor named CR4T. Russian cybersecurity firm Kaspersky discovered the activity in February 2024 and uncovered a previously undocumented campaign codenamed DuneQuixote. The attackers exhibit advanced evasion capabilities and techniques through various methods to establish persistence.

Kaspersky Finds Attacks on Mobile Devices Significantly Increased in 2023

February 27, 2024 at 06:01PM
Kaspersky’s 2023 mobile threat analysis revealed a 50% increase in attacks on mobile devices, with adware constituting 40.8% of all threats. The surge in Android malware and riskware activity marks a concerning shift, underscoring the importance of remaining vigilant and implementing robust security measures. Kaspersky advises downloading apps from official …

Most Sophisticated iPhone Hack Ever Exploited Apple’s Hidden Hardware Feature

December 28, 2023 at 06:42AM
The Operation Triangulation spyware targeting Apple iOS devices utilized unprecedented exploits to bypass hardware-based security. The sophisticated attack, active since 2019, used four zero-day flaws to gain access to iOS devices and gather sensitive information. Patches were released by Apple, with 20 zero-days resolved this year. A particular vulnerability, CVE-2023-38606, …