Gaza Cybergang Group1, operation SneakyPastes

Gaza Cybergang(s) is a politically motivated Arabic-language cyberthreat actor, actively targeting the MENA (Middle East North Africa) region, especially the Palestinian Territories. The confusion surrounding...

Project TajMahal – a sophisticated new APT framework

Executive summary: ‘TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab in the autumn of 2018. This full-blown spying framework...

BasBanke: Trend-setting Brazilian banking Trojan

BasBanke is a new Android malware family targeting Brazilian users. It is a banking Trojan built to steal financial data such as credentials and...

Roaming Mantis, part IV

One year has passed since we published the first blogpost about the Roaming Mantis campaign on securelist.com, and this February we detected new activities...

Bots and botnets in 2018

Due to the wide media coverage of incidents involving Mirai and other specialized botnets, their activities have become largely associated with DDoS attacks. Yet...

Threat Landscape for Industrial Automation Systems in H2 2018

H2 2018 in figures: All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. The data...

AZORult++: Rewriting history

The AZORult Trojan is one of the most commonly bought and sold stealers in Russian forums. Despite the relatively high price tag ($100), buyers...

The fourth horseman: CVE-2019-0797 vulnerability

In February 2019, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis...

Spam and phishing in 2018

Numbers of the year: The share of spam in mail traffic was 52.48%, which is 4.15 p.p. less than in 2017. The biggest source of spam...

A predatory tale: Who’s afraid of the thief?

In mid-February, Kaspersky Lab received a request for incident response from one of its clients. The individual who initially reported the issue to our...

Latest article

3 practical ways AI threat detection improves enterprise cyber resilience

Why “more alerts” isn’t the same as better security: If you run security in an enterprise environment, you already know...

North Korean Hackers Use Fake IT Worker Scheme to Infiltrate Companies and Evade Sanctions

North Korea has been running one of the most quietly effective cyber fraud operations in recent years. State-sponsored operatives working for the Pyongyang...

[R1] Nessus Versions 10.11.4 and 10.12.0 Fixes Arbitrary File Deletion

Jason Schavel, Thu, 04/23/2026 - 14:30. A vulnerability has been identified in Nessus on...

It pays to be a forever student

Welcome to this week’s edition of the Threat Source newsletter. If I haven’t said it in a newsletter before, I'll say it now: If you want to be good...