- Attackers exploiting a patched FortiClient EMS vulnerability in the wildby Ashley Muñoz, Francesco Figurelli, Cristian Souza, Eduardo Ovalle, Areg Baghinyan on December 19, 2024 at 12:00 pm
Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections.
- Story of the Year: global IT outages and supply chain attacksby Alexander Liskin, Vladimir Kuskov, Igor Kuznetsov, Vitaly Kamluk on December 9, 2024 at 10:00 am
While the CrowdStrike incident is still fresh in our minds, Kaspersky experts look back on similar IT outages that happened in 2024 and predict potential threats for 2025.
- Exploits and vulnerabilities in Q3 2024by Alexander Kolesnikov on December 6, 2024 at 10:00 am
The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q3 2024, such as regreSSHion
- Kaspersky Security Bulletin 2024. Statisticsby AMR on December 4, 2024 at 10:00 am
The “Kaspersky Security Bulletin 2024. Statistics” report contains statistics on cyberthreats for the period from November 2023 through October 2024. It covers such threats as financial malware, ransomware, miners, malware for IoT and macOS, vulnerabilities and others.
- Сrimeware and financial cyberthreats in 2025by GReAT on November 14, 2024 at 9:00 am
Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025.
- Threats in space (or rather, on Earth): internet-exposed GNSS receiversby Isabel Manjarrez on November 13, 2024 at 10:00 am
Internet-exposed GNSS receivers pose a significant threat to sensitive operations. Kaspersky shares statistics on internet-exposed receivers for July 2024 and advice on how to protect against GNSS attacks.
- Risk reduction redefined: How compromise assessment helps strengthen cyberdefensesby Victor Sergeev, Amged Wageh, Ahmed Khlief on October 29, 2024 at 2:00 pm
Kaspersky experts analyze cyberdefense weak points, including patch management, policy violations and MSSP issues, and real-world cases where compromise assessment helped detect and mitigate incidents.
- The Crypto Game of Lazarus APT: Investors vs. Zero-daysby Boris Larin, Vasily Berdnikov on October 23, 2024 at 11:00 am
Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain.
- SAS CTF and the many ways to persist a kernel shellcode on Windows 7by Igor Kuznetsov, Boris Larin on October 17, 2024 at 10:00 am
In this article we solve the most difficult SAS CTF challenge based on the APT technique to introduce and persist a kernel shellcode on Windows 7.
- Whispers from the Dark Web Cave. Cyberthreats in the Middle Eastby Vera Kholopova, Kaspersky Security Services on October 14, 2024 at 7:00 am
The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on.