Loki Bot: On a hunt for corporate passwords
Starting from early July, we have seen malicious spam activity that has targeted corporate mailboxes. The messages discovered so far contain an attachment with...
Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware
Overview
Lazarus has been a major threat actor in the APT arena for several years. Alongside goals like cyberespionage and cybersabotage, the attacker has been...
Behind the Numbers: Database Authentication and Authorization
Earlier this month, I posted a blog about how most companies I speak with have not implemented a modern database authentication and authorization approach....
Dark Tequila Añejo
Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to...
Centrify Interns Reflect on a Summer of Zero Trust
Every summer, Centrify gets an infusion of fresh perspectives and eager learners via our Summer Intern program.
This summer, we had 22 interns join us...
Security assessment of corporate information systems in 2017
Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general...
Spam and phishing in Q2 2018
Quarterly highlights
GDPR as a phishing opportunity
In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect...
Implementing Modern Approaches to Database Authentication and Authorization
The most common question I hear about Database Accounts is, “Can your solution vault Database Service and other Privileged Database Accounts?”
Every time I hear...
Latest article
Cyber attacks enabled by basic failings, Palo Alto analysis finds
Cyberattacks are moving faster, shrinking the gap between initial compromise and bad consequences, and the advent of AI is accelerating...
Malware in the Wild as Malicious Fork of Legitimate Triton App Surfaces on GitHub
A malicious fork of the legitimate macOS application Triton has surfaced on GitHub, exploiting open-source repositories to distribute malware. The fraudulent repository, created...
AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future...
Key Points
Check Point Research (CPR) has discovered that certain AI assistants that support web browsing or URL fetching can be abused as covert...
Western cyber alliances risk fragmenting in new world order
The conduct of powerful nations is causing knock-on effects in the cyber world as long-standing security frameworks appear increasingly precarious - Read more
