- Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721by Anderson Leite on June 6, 2025 at 10:00 am
Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721.
- Exploits and vulnerabilities in Q1 2025by Alexander Kolesnikov on May 30, 2025 at 12:00 pm
This report contains statistics on vulnerabilities and published exploits, along with an analysis of the most noteworthy vulnerabilities we observed in the first quarter of 2025.
- Operation SyncHole: Lazarus APT goes back to the wellby Sojun Ryu, Vasily Berdnikov on April 24, 2025 at 5:00 am
Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.
- How ToddyCat tried to hide behind AV softwareby Andrey Gunkin on April 7, 2025 at 10:00 am
While analyzing a malicious DLL library used in attacks by APT group ToddyCat, Kaspersky expert discovered the CVE 2024-11859 vulnerability in a component of ESET’s EPP solution.
- Exploits and vulnerabilities in Q4 2024by Alexander Kolesnikov on February 26, 2025 at 10:00 am
This report provides statistics on vulnerabilities and exploits and discusses the most frequently exploited vulnerabilities in Q4 2024.
- Mercedes-Benz Head Unit security research reportby Kaspersky Security Services on January 17, 2025 at 10:00 am
Kaspersky experts analyzed the Mercedes-Benz head unit, its IPC protocols and firmware, and found new vulnerabilities via physical access.
- Attackers exploiting a patched FortiClient EMS vulnerability in the wildby Ashley Muñoz, Francesco Figurelli, Cristian Souza, Eduardo Ovalle, Areg Baghinyan on December 19, 2024 at 12:00 pm
Kaspersky’s GERT experts describe an incident with initial access to enterprise infrastructures through a FortiClient EMS vulnerability that allowed SQL injections.
- Story of the Year: global IT outages and supply chain attacksby Alexander Liskin, Vladimir Kuskov, Igor Kuznetsov, Vitaly Kamluk on December 9, 2024 at 10:00 am
While the CrowdStrike incident is still fresh in our minds, Kaspersky experts look back on similar IT outages that happened in 2024 and predict potential threats for 2025.
- Exploits and vulnerabilities in Q3 2024by Alexander Kolesnikov on December 6, 2024 at 10:00 am
The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q3 2024, such as regreSSHion
- Kaspersky Security Bulletin 2024. Statisticsby AMR on December 4, 2024 at 10:00 am
The “Kaspersky Security Bulletin 2024. Statistics” report contains statistics on cyberthreats for the period from November 2023 through October 2024. It covers such threats as financial malware, ransomware, miners, malware for IoT and macOS, vulnerabilities and others.
Vulnerabilities and Exploits
We are an ethical website cyber security team and we perform security assessments to protect our clients.