Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

Introduction The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber Monday in late November as well as Christmas in December, now accounts for a significant share of…

Investigation Report for the September 2014 Equation malware detection incident in the US

Background In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system.…

Threat Predictions for Cryptocurrencies in 2018

The landscape in 2017 Today, cryptocurrency is no longer only for computer geeks and IT pros. It’s starting to affect people’s daily life more than they realize. At the same…

Threat Predictions for Financial Services and Fraud in 2018

The landscape in 2017 In 2017 we’ve seen fraud attacks in financial services become increasingly account-centric. Customer data is a key enabler for large-scale fraud attacks and the frequency of…

APT Trends report Q3 2017

Introduction Beginning in the second quarter of 2017, Kaspersky’s Global Research and Analysis Team (GReAT) began publishing summaries of the quarter’s private threat intelligence reports in an effort to make…

IT threat evolution Q3 2017. Statistics

Q3 figures According to KSN data, Kaspersky Lab solutions detected and repelled 277,646,376 malicious attacks from online resources located in 185 countries all over the world. 72,012,219 unique URLs were…

IT threat evolution Q3 2017

Targeted attacks and malware campaigns [Re-]enter the dragon In July, we reported on the recent activities of a targeted attack group called ‘Spring Dragon’ (also known as LotusBlossom), whose activities…

Using legitimate tools to hide malicious code

The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a…

DDoS attacks in Q3 2017

News Overview In the third quarter of 2017, the trends of the preceding quarters continued to develop further. The number of DDoS attacks in China, the United States, South Korea…

Spam and phishing in Q3 2017

Quarterly highlights Blockchain and spam Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking…

Silence – a new Trojan attacking financial organizations

More information about the Silence Trojan is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com In September 2017, we discovered a new targeted attack on financial institutions. Victims…

Tales from the blockchain

Cryptocurrency has gradually evolved from an element of a new world, utopian economy to a business that has affected even those sectors of society least involved in information technology. At…

Gaza Cybergang – updated activity in 2017:

1. Summary information The Gaza cybergang is an Arabic-language, politically-motivated cybercriminal group, operating since 2012 and actively targeting the MENA (Middle East North Africa) region. The Gaza cybergang’s attacks have…

Analyzing an exploit for CVE-2017-11826

The latest Patch Tuesday (17 October) brought patches for 62 vulnerabilities, including one that fixed CVE-2017-11826 – a critical zero-day vulnerability used to launch targeted attacks – in all versions…

Bad Rabbit ransomware

What happened? On October 24th we observed notifications of mass attacks with ransomware called Bad Rabbit. It has been targeting organizations and consumers, mostly in Russia but there have also…

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking…

ATM malware is being sold on Darknet market

Disclaimer and warning ATM systems appear to be very secure, but the money can be accessed fairly easily if you know what you are doing. Criminals are exploiting hardware and…

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon…

ATMii: a small but effective ATM robber

While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about…

The Festive Complexities of SIGINT-Capable Threat Actors

To read the full paper and learn more about this, refer to “Walking in Your Enemy’s Shadow: When Fourth-Party Collection Becomes Attribution Hell” Attribution is complicated under the best of…