Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction
The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving...
Ransomware: two pieces of good news
“All your files have been encrypted.” How many times has this suddenly popped up on your screen? We hope never, because it’s one of...
Hello! My name is Dtrack
Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of...
Threat landscape for smart buildings
The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among...
Threats to macOS users
Introduction
The belief that there are no threats for the macOS operating system (or at least no serious threats) has been bandied about for decades....
This is what our summer’s like
For the second summer straight, we cover the children’s interests during the period when they have enough leisure to give themselves full time to...
Fully equipped Spying Android RAT from Brazil: BRATA
“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It...
Incident Response report 2018
Download full report (PDF)
Introduction
This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer...
Spam and phishing in Q2 2019
Quarterly highlights
Spam through Google services
In the second quarter of 2019, scammers were making active use of cloud-based data storage services such as Google Drive...
Agent 1433: remote attack on Microsoft SQL Server
All over the world companies large and small use Microsoft SQL Server for database management. Highly popular yet insufficiently protected, this DBMS is a...
Latest article
Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available
Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became...
UAT-8837 Critical Infrastructure Attack
What is the Attack? An active campaign has been linked, with...
AppGuard Critiques AI Hyped Defenses; Expands its Insider Release for its Next-Generation Platform
A new Top 10 Cybersecurity Innovators profile by AppGuard has been released, spotlighting growing concerns over AI-enhanced malware. AI makes...
Implementing data governance on AWS: Automation, tagging, and lifecycle strategy – Part 2
In Part 1, we explored the foundational strategy, including data classification frameworks and tagging approaches. In this post, we examine the technical...
