Tag: APT | Kaspersky official blog

Protecting against attacks in ZIP, RAR, CAB, MSI, ISO and other archives

Security measures for handling archive files in organizations

Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?

CVE-2025-2783 in Operation ForumTroll APT attack

Operation ForumTroll: APT attack via zero-day vulnerability

Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.

What events to collect on computers for monitoring complex threats

What events help an MDR service detect attacks?

What information does an MDR service need to protect a company from complex targeted attacks?

Comprehensive overview of network detection & response capabilities and uses

NDR: the forefront of your company’s defense

What IT and cybersecurity leaders need to know about implementing network detection and response.

How the adversary-in-the-middle technique is used in spearphishing attacks

Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?

Are Macs safe? Threats to macOS users

Are Macs as safe as their owners think they are? A few recent stories about malware targeting macOS users.

How to protect corporate routers and firewalls against hacking

Outdated Cisco equipment under threat from firmware

Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.

Security Analyst Summit 2023: key research

Four major studies presented by our experts at the SAS 2023 international conference.

TriangleDB, spyware implant of Operation Triangulation

TriangleDB: the spyware implant of Operation Triangulation

APT operators are showing increasing interest in mobile devices. Our experts have studied one of their tools.

Mark-of-the-Web bypass

The BlueNoroff APT group has adopted methods to bypass the Mark-of-the-Web mechanism

Is Avast Safe to Use in 2023?

Avast solutions have a pretty good reputation, but a handful of incidents call their safety into question. Read on to learn whether Avast can be trusted.

APT groups are actively exploiting the CVE-2022-41352 vulnerability in Zimbra Collaboration suit.

Vulnerability in Zimbra exploiting ITW

Servers with the Zimbra Collaboration suit installed are being attacked via an archive unpacking tool.

The LuoYu APT group distributes and controls the WinDealer malware through a man-on-the-side attack.

WinDealer: spyware with a peculiar delivery mechanism

Our experts studied the WinDealer malware created by the LuoYu APT group.

Lazarus backdoor in DeFi wallet

The Lazarus group continues to prey on cryptocurrency: cybercriminals distribute DeFi wallets with built-in backdoor.

Staying safe from Pegasus, Chrysaor and other APT mobile malware

How to protect your iPhone or Android smartphone from Pegasus and similar mobile APTs.

BlueNoroff’s search for cryptocurrency

Our experts have discovered a malicious campaign targeting fintech companies.

Tomiris backdoor

At the SAS 2021 conference, our experts talked about the Tomiris backdoor, which appears to be linked to the DarkHalo group.

Corporation hunters: Top 5 ransomware groups

The most active groups targeting companies, encrypting data, and demanding ransom.

MontysThree: Industrial cyberspy

Cybercriminals are using steganography to hide their code and seek industrial data.

Operation PowerFall: Two zero-day vulnerabilities

Our technologies prevented an attack. Expert analysis revealed the exploitation of two previously unknown vulnerabilities. What you need to know.

Sandbox for experts

We developed a sandbox capable of emulating a company-specific system in an isolated environment.

Privacy & Kids

APT