A mining multitool
Recently, an interesting miner implementation appeared on Kaspersky Lab’s radar. The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a...
A study of car sharing apps
The growing popularity of car sharing services has led some experts to predict an end to private car ownership in big cities. The statistics...
Calisto Trojan for macOS
An interesting aspect of studying a particular piece of malware is tracing its evolution and observing how the creators gradually add new monetization or...
The return of Fantomas, or how we deciphered Cryakl
In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys...
Coinvault, the court case
Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place,...
APT Trends Report Q2 2018
In the second quarter of 2017, Kaspersky Lab’s Global Research and Analysis Team (GReAT) began publishing summaries of the quarter’s private threat intelligence reports,...
To crypt, or to mine – that is the question
Way back in 2013 our malware analysts spotted the first malicious samples related to the Trojan-Ransom.Win32.Rakhni family. That was the starting point for this...
Ransomware and malicious crypto miners in 2016-2018
Ransomware is not an unfamiliar threat. For the last few years it has been affecting the world of cybersecurity, infecting and blocking access to...
Pbot: evolving adware
The adware PBot (PythonBot) got its name because its core modules are written in Python. It was more than a year ago that we...
Modern OSs for embedded systems
At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering...
Latest article
3 practical ways AI threat detection improves enterprise cyber resilience
Why “more alerts” isn’t the same as better security If you run security in an enterprise environment, you already know...
North Korean Hackers Use Fake IT Worker Scheme to Infiltrate Companies and Evade Sanctions
North Korea has been running one of the most quietly effective cyber fraud operations in recent years. State-sponsored operatives working for the Pyongyang...
[R1] Nessus Versions 10.11.4 and 10.12.0 Fixes Arbitrary File Deletion
Nessus Versions 10.11.4 and 10.12.0 Fixes Arbitrary File Deletion Jason Schavel Thu, 04/23/2026 - 14:30
A vulnerability has been identified in Nessus on...
It pays to be a forever student
Welcome to this week’s edition of the Threat Source newsletter. If I haven’t said it in a newsletter before, I'll say it now: If you want to be good...
