Kaspersky’s researchers have uncovered the third case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within a computer’s Unified Extensible Firmware Interface (UEFI) firmware, an essential part of computers, which resides in the SPI flash, a storage component external to the hard drive. Such implants are notoriously difficult to remove and are of limited visibility to security products. Having first appeared in the wild in the spring of 2021, MoonBounce demonstrates a sophisticated attack flow, with evident advancement in comparison to formerly reported UEFI firmware bootkits. Kaspersky researchers have attributed the attack with considerable confidence to the well-known advanced persistent threat (APT) actor APT41.
Kaspersky experts have uncovered a new, rapidly evolving series of spyware campaigns attacking more than 2,000 industrial enterprises across the globe. Unlike many mainstream spyware campaigns, these attacks stand out due to the limited number of targets in each attack and the very short lifespan of each malicious sample. The study identified more than 25 marketplaces where stolen data is being sold. These and other findings were published in the new Kaspersky ICS CERT report.
The Kaspersky Takedown Service provides end-to-end management of the entire process of taking down malicious and phishing domains. Together with Kaspersky Digital Footprint, which helps analysts explore the adversary’s view of their company resources, it allows companies to respond effectively to malicious sources or phishing threats targeted at their organization and their customers.
Kaspersky experts have uncovered a series of attacks by advanced persistent threat (APT) actor BlueNoroff against small and medium-sized companies worldwide, resulting in major cryptocurrency losses for the victims. The campaign, dubbed SnatchCrypto, is aimed at various companies that, by the nature of their work, deal with cryptocurrencies and smart contracts, DeFi, Blockchain, and the FinTech industry.
Kaspersky has been named number one among companies with Russian origins for patents in the United States in 2021 by IFI Claims Direct. The recognition from IFI, the global leader in patent data analytics with over 145 million patent records around the world, highlights Kaspersky’s leadership and innovation in the cybersecurity sphere.
Global Kaspersky research reveals that 30% of healthcare providers have experienced cases where their employees compromised customers’ personal information during remote consultations. In addition, almost half of providers believe that their clinicians don’t clearly understand how patients’ data is protected. However, 67% of them believe it is important for the healthcare sector to collect even more personal information to further industry development.
Kaspersky EDR has achieved the highest AAA award in SE Labs’ Enterprise Advanced Security test (previously known as Breach Response Test). The solution was noted for its ability to detect complex targeted attacks, track malicious behavior from the beginning to the end of an attack and generate no false positive results. During the evaluation, the product was exposed to the tools, techniques, and procedures used by advanced threat groups.
From January 20 to November 10, 2021, Kaspersky experts uncovered a new piece of malware that has targeted more than 35,000 computers across 195 countries. Dubbed “PseudoManuscrypt” for its similarities with the advanced persistent threat (APT) group Lazarus’ Manuscrypt malware, this new malware contains advanced spying capabilities and has been seen targeting both government organizations and industrial control systems (ICS) across numerous industries.