This is a sign of a consistent trend of the threat actor exodus into deeper waters, to evade detection. These and other APT trends across the world are covered in Kaspersky’s latest quarterly threat intelligence summary.
A three-month APT trends summary for the last quarter came from Kaspersky’s private threat intelligence research, as well as other sources that cover the major developments that researchers believe everyone should be aware of.
In Q3 2019, Kaspersky researchers observed a tendency of APT toolsets’ diversification across the world. The most significant changes were performed by:
“Just as wepredictedlast year, in seeking to evade detection, threat actors refresh their toolsets and go into deep waters. This quarter, we have seen this clearly in the developments by a number of APT actors and campaigns across the globe. This is a challenge for researchers – when a new campaign is observed, it’s not always immediately clear whether the tools used are the result of an established threat actor revamping its tools, or a completely new threat actor making use of the tools developed by an existing APT group. Still, it highlighted the importance of investing in threat landscape intelligence. Knowledge is power, and you can only know where the danger might come from only informing yourself in advance,” said Vicente Diaz, security researcher, Global Research and Analysis Team, Kaspersky.
The APT trends report for Q3 summarizes the findings of Kaspersky’s subscriber-only threat intelligence reports, which also include Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting. For more information, please contact: firstname.lastname@example.org
In order to avoid falling victim to a targeted attack by a known or unknown threat actor, Kaspersky researchers recommend implementing the following measures:
Read the full APT Q3 2019 trends report on Securelist.