Tag: kaspersky
-
Analyzing evolution of the PipeMagic malware
Hackers exploited Windows flaw CVE-2025-29824 to deploy PipeMagic malware in RansomExx attacks, Kaspersky revealed. A joint report from Kaspersky and BI.ZONE analyzed the evolution of PipeMagic malware from its first detection in 2022 to new infections observed in 2025. The researchers identified key changes in its operators’ tactics. BI.ZONE experts focused on a technical analysis of the CVE-2025-29824 vulnerability…
-
Ahead of gamescom 2025: Kaspersky warns gamers about cybercriminals
Tags: kaspersky
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/gamescom-2025-kaspersky-warnung-gamer-cyberkriminelle
-
Efimer Trojan: Kaspersky warns of attacks on organizations via phishing emails
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/efimer-trojaner-kaspersky-warnung-attacken-organisationen-phishing-mails
-
Efimer Malicious Script Spreads via WordPress Sites, Torrents, and Email in Massive Attack Wave
Kaspersky researchers have uncovered a widespread campaign involving the Efimer malicious script, a sophisticated Trojan-dropper primarily aimed at stealing cryptocurrency. First detected in June 2025, the malware impersonates legal correspondence from major companies, accusing recipients of domain name infringements and attaching malicious archives that deploy the Efimer stealer. ‘Named after a comment in its…
-
Hackers Exploit Legitimate Drivers to Disable Antivirus and Weaken System Defenses
Tags: antivirus, cyber, defense, exploit, hacker, kaspersky, malware, ransomware, threat, vulnerability
Threat actors have been deploying a novel antivirus (AV) killer since at least October 2024, leveraging the legitimate ThrottleStop.sys driver to execute Bring Your Own Vulnerable Driver (BYOVD) tactics. This malware, detected by Kaspersky as Win64.KillAV., systematically terminates AV processes, paving the way for ransomware deployment like the MedusaLocker variant (Trojan-Ransom.Win32.PaidMeme.). The incident began with…
-
“Polyworking” massively increases cybersecurity risks
The trend toward holding several jobs in parallel makes young employees a target for cybercriminals. Kaspersky registered 125,000 attacks via fake work tools in Germany alone. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/polyworking-cybersicherheitsrisiken
-
ToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePoint
Security researchers from Kaspersky have detailed a sophisticated exploit chain dubbed “ToolShell,”
-
Google Forms: Kaspersky warns of abuse for crypto scams
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/google-forms-kaspersky-warnung-missbrauch-krypto-scam
-
APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment
Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the continent, which had previously seen minimal incidents from this actor. The attackers embedded hardcoded names of internal services, IP addresses, and proxy…
-
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was a…
-
New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia
Kaspersky’s SecureList reveals GhostContainer, a new, highly customized backdoor targeting government and high-tech organizations in Asia via Exchange server vulnerabilities. Learn how this APT malware operates and how to stay protected. First seen on hackread.com Jump to article: hackread.com/new-ghostcontainer-malware-ms-exchange-servers-asia/
-
Weaponized Games: Threat Actors Target Gen Z Gamers Through Popular Titles
Kaspersky security researchers have discovered sophisticated threat actor activities that take advantage of the digitally native Gen Z population, which was born between 1997 and 2012 and is heavily involved in gaming, streaming, and anime, for malevolent purposes. Over a one-year period from April 1, 2024, Kaspersky documented at least 19 million attempts to disseminate…
-
Spyware Campaign Hits Russian Industrial Firms
Phishing Emails Disguise Malware as Contract Files. A Russian cybersecurity company is warning that hackers are targeting Russia’s industrial sector using a previously undocumented spyware, reeling them in with contract-themed email lures. Kaspersky dubbed the spyware Batavia but doesn’t attribute the campaign to a threat actor. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/spyware-campaign-hits-russian-industrial-firms-a-28928
-
New spyware strain steals data from Russian industrial companies
Moscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets. First seen on therecord.media Jump to article: therecord.media/spyware-strain-steals-data-russian-industrial-sector
-
Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. “The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract,” the Russian company said. “The main goal…
-
Batavia Spyware Targets Employees via Weaponized Word Documents Delivering Malware Payloads
Batavia, an unidentified spyware, has been using a sophisticated phishing operation to target Russian industrial organizations since July 2024. Kaspersky researchers have identified a sharp rise in detections since early March 2025, with over 100 users across dozens of organizations falling prey to bait emails disguised as contract agreements. These emails, often containing file names…
-
FunkSec: How AI is shaping the next generation of ransomware
At Kaspersky Horizons 2025 in Madrid, the highly sophisticated ransomware group FunkSec is being presented for the first time. This new cyberthreat uses artificial intelligence to carry out attacks at scale, revolutionizing the business model of cybercriminals. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/funksec-ki-ransomware
-
Kaspersky calls for more transparency in the use of artificial intelligence
At the European conference Kaspersky Horizons, taking place in Madrid from June 30 to July 2, 2025, Kaspersky is calling for responsible and transparent use of artificial intelligence (AI). While AI holds great potential for increasing efficiency and opens up new opportunities for businesses and society, it is at the same time increasingly being used by cybercriminals for malicious…
-
Malware in apps: Godfather 2.0 for Android; SparkKitty in app stores
A short roundup on the topic of smartphone apps with malware on board. The Android malware Godfather 2.0 is currently celebrating its comeback, or rather successes in raids on online banking. In addition, security researchers from Kaspersky have found the SparkKitty trojan in apps from app stores. Android malware Godfather 2.0 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/30/malware-in-apps-godfather-2-0-fuer-android-sparkkitty-in-app-stores/
-
Threat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBs
Threat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated cyberattacks. According to a recent report by Kaspersky Lab, SMBs, often perceived as less fortified than larger enterprises, are prime targets for both opportunistic hackers and organized cybercrime groups. Rising…
-
SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data
Kaspersky uncovers SparkKitty, new spyware in Apple App Store and Google Play. Steals photos, targets crypto info, active since early 2024 via malicious apps. First seen on hackread.com Jump to article: hackread.com/sparkkitty-spyware-app-store-play-store-steals-photos-crypto/
-
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3). Google addressed the flaw later that month after Kaspersky…
-
Belarusian hacktivists unfazed by Kaspersky’s report
Tags: kaspersky
First seen on scworld.com Jump to article: www.scworld.com/brief/belarusian-hacktivists-unfazed-by-kasperskys-report
-
INTERPOL-Led Effort Dismantles Infostealer Malware Network in 26 Countries Across Asia-Pacific Region
INTERPOL partnered with Group-IB, Kaspersky, and Trend Micro to take down a cybercrime network. They alerted more than 216,000 individuals and organizations that were possible victims. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-interpol-operation-secure-cybercrime-asia-pacific/
-
Threat Actors Exploit DeepSeek-R1 Popularity to Target Windows Device Users
A new, highly sophisticated cyberattack campaign is targeting users seeking to download the popular language model DeepSeek-R1, exploiting global interest in large language models (LLMs). Kaspersky researchers have uncovered that threat actors are utilizing malvertising and phishing tactics to distribute previously unknown malware, named BrowserVenom, capable of hijacking victims’ web traffic and stealing sensitive information.…
-
Belarusian hackers taunt Kaspersky over report detailing their attacks
A recent Kaspersky report offers a rare glimpse into the alleged arsenal of politically motivated hackers waging a digital war against authoritarian regimes in Russia and Belarus. First seen on therecord.media Jump to article: therecord.media/belarusian-hackers-taunt-kaspersky-ver-report
-
New Report Highlights the Internet as the Primary Threat to Industrial Automation Systems
A recent report by Kaspersky ICS CERT, released on June 10, 2025, sheds light on the persistent and evolving cyberthreats targeting industrial automation systems (IAS) worldwide during the first quarter of 2025. The comprehensive analysis, based on data from Kaspersky Security Network (KSN), reveals that 21.9% of Industrial Control System (ICS) computers globally encountered malicious…
-
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises
The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting Russia and the Commonwealth of Independent States (CIS) countries. “A distinctive feature of this threat is that the attackers favor using legitimate third-party software over developing their own malicious binaries,” Kaspersky said. “The malicious functionality of…

