Tag: kaspersky
-
Kaspersky analyses: cyber attackers sometimes spend months inside corporate networks
in SecurityNews
Tags: kaspersky
First seen on security-insider.de Jump to article: www.security-insider.de/cybersicherheitsvorfaelle-unternehmen-trends-analysen-kaspersky-a-77af7b25d4b3634443841e1eaf147cfe/
-
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded between…
-
New Triada Trojan comes preinstalled on Android devices
A new Triada trojan variant comes preinstalled on Android devices, stealing data on setup, warn researchers from Kaspersky. Kaspersky researchers discovered a new Triada trojan variant preinstalled on thousands of Android devices, enabling data theft upon setup. Kaspersky detected 2,600+ infections in Russia from March 13-27, 2025. The malware was discovered on counterfeit Android devices mimicking…
-
Triada Trojan discovered on counterfeit Android smartphones
Security researchers at Kaspersky have discovered a particularly sophisticated variant of the Triada Trojan on counterfeit Android smartphones. More than 2,600 users worldwide, including in Germany, are affected. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/triada-trojaner-android-smartphone
-
Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit
“We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered,” researchers from Kaspersky said in their analysis published Tuesday. First seen on therecord.media Jump to article: therecord.media/russian-media-academia-targeted-in-espionage-campaign
-
Google Hastily Patches Chrome Zero-Day Exploited by APT
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/google-patches-chrome-zero-day-exploited-apt
-
APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections
In mid-March 2025, Kaspersky researchers uncovered a sophisticated APT attack, dubbed Operation ForumTroll, which leveraged a previously unknown zero-day exploit in Google Chrome. This exploit allowed attackers to bypass Chrome’s sandbox protections, a critical security feature designed to isolate and contain malicious code. The attack was initiated through personalized phishing emails, which directed victims to…
-
CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign
Kaspersky Labs has uncovered a sophisticated cyber-espionage campaign, dubbed Operation ForumTroll, leveraging a previously unknown Google Chrome zero-day exploit, now First seen on securityonline.info Jump to article: securityonline.info/cve-2025-2783-chrome-zero-day-exploited-in-state-sponsored-espionage-campaign/
-
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Tags: attack, browser, chrome, cve, exploit, google, kaspersky, remote-code-execution, vulnerability, zero-day
The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russia. The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
-
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests First seen…
-
2024: 35 percent of attacks lasted longer than a month
Cyberattacks continue to pose a considerable challenge for companies in Germany. According to Kaspersky's Incident Response 2024 Report, 69 percent of German companies were affected by at least one cybersecurity incident last year, and 31 percent even experienced multiple attacks. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/angriffe-laenger-als-einen-monat
-
Incident Response 2024 Report: according to Kaspersky, 35 percent of cyberattacks lasted longer than a month
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/incident-response-2024-report-35-prozent-cyber-angriff-dauer-kaspersky-ein-monat
-
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. “What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla,…
-
31 percent of cyberattacks occur via compromised accounts
Cybercriminals are increasingly relying on stolen but valid account credentials to launch their attacks. A recent analysis by Kaspersky shows that last year, legitimate accounts were the initial point of attack in 31 percent of security incidents. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberangriff-kompromittierte-account
-
SideWinder APT targets maritime and nuclear sectors with enhanced toolset
The APT group SideWinder targets maritime and logistics companies across South and Southeast Asia, the Middle East, and Africa. Kaspersky researchers warn that the APT group SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) is targeting maritime, logistics, nuclear, telecom, and IT sectors across South Asia, Southeast Asia, the Middle East, and Africa. SideWinder (also…
-
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and nuclear…
-
APT group Sidewinder targets nuclear power plants
According to recent analyses by Kaspersky, the notorious advanced persistent threat (APT) group has adapted its attack strategies and expanded its geographic targets. As part of its latest espionage campaign, Sidewinder is now also targeting nuclear power plants and energy facilities. Affected companies are located predominantly in Africa and Southeast Asia, but also in parts of Europe, including Austria. Sidewinder has since at least 2012 been […]…
-
SideWinder now also attacks nuclear power plants
The notorious advanced persistent threat (APT) group SideWinder has refined its attack tactics and considerably expanded its geographic reach. According to recent analyses by Kaspersky, the group is now specifically targeting nuclear power plants and energy facilities. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/sidewinder-atomkraftwerke
-
Large-scale cryptocurrency miner campaign targets Russian users with SilentCryptoMiner
Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert (WPD) tools by crooks to distribute malware under this pretense, the researchers spotted the…
-
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware…
-
Banking Trojans on Android smartphones explode by 196%
Kaspersky Security Network points to a significant 196% increase in banking Trojans on Android smartphones in 2024. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/online-betrug/banking-trojaner-auf-android-smartphones-explodieren-um-196-311126.html
-
33.3 Million Cyber Attacks Targeted Mobile Devices in 2024 as Threats Surge
Kaspersky’s latest report on mobile malware evolution in 2024 reveals a significant increase in cyber threats targeting mobile devices. The security firm’s products blocked a staggering 33.3 million attacks involving malware, adware, or unwanted mobile software throughout the year. Mobile Malware Landscape Evolves with New Distribution Schemes Adware continued to dominate the mobile threat landscape,…
-
Trigon: Latest iOS Kernel Exploit Uncovered
A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. Dubbed Trigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections through physical memory mapping techniques. Initially exploited in the Operation Triangulation campaign against Kaspersky researchers,…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware…
-
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken Likho…
-
Operation SalmonSlalom: New Malware Campaign Targets Industrial Organizations in Asia-Pacific
Kaspersky ICS CERT has uncovered a new malware campaign, dubbed “Operation SalmonSlalom,
-
GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects
GitVenom malware campaign targets gamers and crypto investors by posing as open-source projects on GitHub. Kaspersky researchers warn of a malware campaign, dubbed GitVenom, targeting GitHub users. The threat actors behind this campaign created hundreds of fake GitHub repositories with malicious code, disguising them as automation tools, crypto bots, and hacking utilities. The attackers used…
-
Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics
Kaspersky Labs has uncovered new activity from Angry Likho, an advanced persistent threat (APT) group that has been First seen on securityonline.info Jump to article: securityonline.info/angry-likho-apt-group-resurfaces-with-new-attacks-and-advanced-malware-tactics/