Evasive Panda APT poisons DNS requests to deliver MgBot

Introduction: The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving...

Assessing SIEM effectiveness

A SIEM is a complex system offering broad and flexible threat detection capabilities. Due to its complexity, its effectiveness heavily depends on how it...

Ransomware: two pieces of good news

“All your files have been encrypted.” How many times has this suddenly popped up on your screen? We hope never, because it’s one of...

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of...

Threat landscape for smart buildings

The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among...

Threats to macOS users

Introduction: The belief that there are no threats for the macOS operating system (or at least no serious threats) has been bandied about for decades....

This is what our summer’s like

For the second summer straight, we cover the children’s interests during the period when they have enough leisure to give themselves full time to...

Fully equipped Spying Android RAT from Brazil: BRATA

“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It...

Incident Response report 2018

Introduction: This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer...

Spam and phishing in Q2 2019

Quarterly highlights: Spam through Google services. In the second quarter of 2019, scammers were making active use of cloud-based data storage services such as Google Drive...

Latest article

19th January – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 19th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES: Spanish energy company...

Pass’Sport – 6,366,133 breached accounts

In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum. Initially misattributed to CAF (the French family allowance fund),...

Microsoft January 2026 Security Update Causes Credential Prompt Failures in Remote Desktop Connections

Microsoft has released an out-of-band emergency update to resolve a critical issue affecting Remote Desktop connections on Windows client devices. The problem emerged immediately...

Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available

Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became...