Advanced persistent threat (APT) actors continuously advance their ways of working. While some choose to remain consistent in their strategy, others adopt new techniques, tactics and procedures. In Q3, Kaspersky’s researchers witnessed Lazarus, a highly prolific advanced threat actor, developing supply chain attack capabilities and using their multi-platform MATA framework for cyber-espionage goals. This and other APT trends from across the world are revealed in Kaspersky’s latest quarterly threat intelligence summary.
Kaspersky, with the support of the DiploFoundation (a non-profit educational foundation), has developed an online simulation game to help diplomats and other cyber-professionals without a technical background understanding what’s happening during a cyberattack and developing an effective response to it at the international level.
To safeguard the security of data and transactions across its new Chugin mobile banking app aimed at private customers, Chugoku Bank, Ltd. has adopted Kaspersky Mobile Security software development kit (SDK). With the financial sector demanding highly secure applications and systems to protect company and customer data, the Kaspersky solution not only provides this peace of mind but rich functionality and usability.
For almost ten years, the Kaspersky Computer Incident Investigation Department researched various cybersecurity incidents, most of which are related to the activity of Russian-speaking cybercriminals. In recent years, Kaspersky security experts have observed several important changes to how these cybergangs operate and who they usually target.
Discovered in 2016, Trickbot’s main functionality was online banking data theft. Over its five years of activity, Trickbot banking Trojan has changed as attackers came up with a more advanced toolset. Kaspersky researchers have traced Trickbot’s evolution by analyzing its 61 existing modules and defined how Trickbot has been updated.
By providing a list of software components, known as the Software Bill of Materials (SBOM), global cybersecurity company Kaspersky is enhancing the ways in which it ensures the integrity of its products, and helps customers and partners understand what’s inside the company’s products and software architecture.
The cost of securing increasingly complex environments has soared to second place in the top challenges IT leaders say their businesses are facing in 2021. That is up from third place last year and sixth place in 2018, according to the latest Kaspersky ‘IT Security Economics’ report. With digitalization, remote work and cloud usage growth, this complexity may impact organizations’ visibility of threats and incident response.
In late summer 2021, Kaspersky’s automated detection technologies prevented a series of attacks using an elevation of privilege exploit on multiple Microsoft Windows servers. Upon closer analysis into the attack, Kaspersky researchers discovered a new zero-day exploit.