Web beacons on websites and in e-mail
Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and …
SECURELIST
Threat intelligence reports, malware research, APT analysis and statistics.
Prilex modification now targeting contactless credit card transactions
Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected …
Come to the dark side: hunting IT professionals on the dark web
We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks …
What your SOC will be facing in 2023
Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in …
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected …
What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks
Kaspersky’s predictions about the threats to corporations in 2023: media blackmail, fake leaks, cloud attacks, and more advanced …
How much security is enough?
A common perception in the infosec community is that there can never be too much security, but it is understood that “too much” security is …
BlueNoroff introduces new methods bypassing MoTW
We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its …
Ransomware and wiper signed with stolen certificates
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government …
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and …
Reassessing cyberwarfare. Lessons learned in 2022
In this report, we propose to go over the various activities that were observed in cyberspace in relation to the conflict in Ukraine, …
How to train your Ghidra
Brief introduction to setting up Ghidra, and then configuring it with a familiar UI and shortcuts, so that you would not need to re-learn …
DeathStalker targets legal entities with new Janicab variant
While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle …
Main phishing and scamming trends and techniques
Phishing in social networks and messengers, marketplace fraud, exploitation of Google Forms and other services: we uncover what’s …