DDoS Attacks in Q3 2018
News Overview
The third quarter 2018 turned out relatively quiet in terms of DDoS attacks. “Relatively” because there were not very many high-level multi-day DDoS...
Hackers attacking your memories: science fiction or future threat?
Authors: Kaspersky Lab and the Oxford University Functional Neurosurgery Group
There is an episode in the dystopian near-future series Black Mirror about an implanted chip...
Phishing for knowledge
When we talk about phishing, top of mind are fake banking sites, payment systems, as well as mail and other globally popular services. However,...
Octopus-infested seas of Central Asia
For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named...
Threats in the Netherlands
Introduction
On October 4, 2018, the MIVD held a press conference about an intercepted cyberattack on the OPWC in the Netherlands, allegedly by the advanced...
MuddyWater expands operations
Summary
MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to...
Zero-day exploit (CVE-2018-8453) used in targeted attacks
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We...
Shedding Skin – Turla’s Fresh Faces
Turla, also known as Venomous Bear, Waterbug, and Uroboros, may be best known for what was at the time an “ultra complex” snake rootkit...
Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system
In Q2 2018, Kaspersky Lab published two blogposts about Roaming Mantis sharing details of this new cybercriminal campaign. In the beginning, the criminals used...
USB threats from malware to miners
Introduction
In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. 98%...
Latest article
Operation Endgame 4.0 – 153,527 breached accounts
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems...
Accelerate security investigations with Kiro CLI
When a security event occurs in your Amazon Web Services (AWS) environment, rapid response is critical. However security teams often struggle with time-consuming, manual...
Close Encounters of the Human Kind
Welcome to this week’s Threat Source newsletter. I love a Spielberg summer. His ability to imbue a sense of wonder, awe, curiosity, and connection means he’s in a...
New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise
A novel BootROM vulnerability, dubbed usbliter8, affects Apple devices powered by A12, S4/S5, and A13 SoCs. The exploit chains a hardware-level bug in the...
