Tag: kaspersky

Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit

Mar 27, 2025 3:34 PM

Tags: attack, browser, chrome, espionage, exploit, google, kaspersky, russia, zero-day

“We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered,” researchers from Kaspersky said in their analysis published Tuesday. First seen on therecord.media Jump to article: therecord.media/russian-media-academia-targeted-in-espionage-campaign
Google Hastily Patches Chrome Zero-Day Exploited by APT

Mar 26, 2025 8:35 PM

Tags: apt, attack, browser, chrome, cyber, espionage, exploit, google, kaspersky, phishing, vulnerability, zero-day

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/google-patches-chrome-zero-day-exploited-apt
APT Hackers Exploit Google Chrome Zero-Day in Operation ForumTroll to Bypass Sandbox Protections

Mar 26, 2025 1:13 PM

Tags: apt, attack, browser, chrome, cyber, email, exploit, google, hacker, kaspersky, malicious, phishing, zero-day

In mid-March 2025, Kaspersky researchers uncovered a sophisticated APT attack, dubbed Operation ForumTroll, which leveraged a previously unknown zero-day exploit in Google Chrome. This exploit allowed attackers to bypass Chrome’s sandbox protections, a critical security feature designed to isolate and contain malicious code. The attack was initiated through personalized phishing emails, which directed victims to…
CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign

Mar 26, 2025 12:14 AM

Tags: browser, chrome, cve, cyber, espionage, exploit, google, kaspersky, zero-day

Kaspersky Labs has uncovered a sophisticated cyber-espionage campaign”, dubbed Operation ForumTroll”, leveraging a previously unknown Google Chrome zero-day exploit, now First seen on securityonline.info Jump to article: securityonline.info/cve-2025-2783-chrome-zero-day-exploited-in-state-sponsored-espionage-campaign/
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Mar 26, 2025 12:14 AM

Tags: attack, browser, chrome, cve, exploit, google, kaspersky, remote-code-execution, vulnerability, zero-day

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian. The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
Privacy Roundup: Week 12 of Year 2025

Mar 24, 2025 6:13 PM

Tags: access, antivirus, apple, attack, breach, cctv, credentials, crypto, cybersecurity, data, detection, exploit, firmware, google, government, group, iran, kaspersky, korea, leak, linux, malicious, malware, mfa, microsoft, mobile, network, north-korea, password, phishing, privacy, programming, regulation, router, russia, scam, service, software, spyware, startup, technology, threat, tool, unauthorized, virus, vpn, vulnerability, wifi, windows

This is a news item roundup of privacy or privacy-related news items for 16 MAR 2025 – 22 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Mar 21, 2025 1:13 PM

Tags: attack, control, kaspersky, russia, threat, tool

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal.”Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests First seen…
2024: 35 Prozent der Angriffe dauerten länger als einen Monat

Mar 21, 2025 12:13 PM

Tags: cyberattack, germany, incident response, kaspersky

Cyberangriffe stellen für Unternehmen in Deutschland weiterhin eine erhebliche Herausforderung dar. Laut dem Incident Response 2024 Report von Kaspersky waren im vergangenen Jahr 69 Prozent der deutschen Unternehmen von mindestens einem Cybersicherheitsvorfall betroffen, 31 Prozent erlebten sogar mehrere Angriffe. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/angriffe-laenger-als-einen-monat
Incident Response 2024 Report: 35 Prozent der Cyber-Angriffe dauerten laut Kaspersky länger als einen Monat

Mar 21, 2025 8:13 AM

Tags: cyber, cyberattack, incident response, kaspersky

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/incident-response-2024-report-35-prozent-cyber-angriff-dauer-kaspersky-ein-monat
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

Mar 20, 2025 5:13 PM

Tags: kaspersky, malware, network, russia, vpn

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users.”What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla,…
31 Prozent der Cyberangriffe erfolgen über kompromittierte Accounts

Mar 14, 2025 1:52 PM

Tags: cyberattack, kaspersky

Cyberkriminelle setzen verstärkt auf gestohlene, aber gültige Account-Daten, um ihre Angriffe zu starten. Eine aktuelle Analyse von Kaspersky zeigt, dass im vergangenen Jahr in 31 Prozent der Sicherheitsvorfälle legitime Accounts den ersten Angriffspunkt darstellten. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberangriff-kompromittierte-account
SideWinder APT targets maritime and nuclear sectors with enhanced toolset

Mar 11, 2025 1:54 PM

Tags: apt, group, kaspersky, middle-east

The APT group SideWinder targets maritime and logistics companies across South and Southeast Asia, the Middle East, and Africa. Kaspersky researchers warn that the APT group SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) is targeting maritime, logistics, nuclear, telecom, and IT sectors across South Asia, Southeast Asia, the Middle East, and Africa. SideWinder(also…
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa

Mar 11, 2025 9:54 AM

Tags: apt, attack, group, kaspersky, middle-east, threat

Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder.The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and nuclear…
APT-Gruppe Sidewinder zielt auf Atomkraftwerke ab

Mar 10, 2025 3:54 PM

Tags: apt, kaspersky, threat

Laut aktuellen Analysen von Kaspersky hat die berüchtigte Advanced-Persistent-Threat (APT) -Gruppe ihre Angriffsstrategien angepasst und ihre geografischen Ziele ausgeweitet. Im Rahmen der jüngsten Spionagekampagne richtet sich Sidewinder nun auch gegen Atomkraftwerke und Energieeinrichtungen. Betroffene Unternehmen finden sich überwiegend in Afrika und Südostasien, aber auch in Teilen Europas, darunter Österreich. Sidewinder ist seit mindestens 2012 […]…
SideWinder greift jetzt auch Atomkraftwerke an

Mar 10, 2025 1:54 PM

Tags: kaspersky, threat

Die berüchtigte Advanced Persistent Threat (APT)-Gruppe SideWinder hat ihre Angriffstaktiken verfeinert und ihre geografische Reichweite erheblich ausgeweitet. Laut aktuellen Analysen von Kaspersky nimmt die Gruppe nun gezielt Atomkraftwerke und Energieeinrichtungen ins Visier. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/sidewinder-atomkraftwerke
Large-scale cryptocurrency miner campaign targets Russian users with SilentCryptoMiner

Mar 10, 2025 12:53 PM

Tags: crypto, Internet, kaspersky, malware, russia, tool, windows

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert (WPD) tools by crooks to distribute malware under this pretense, the researchers spotted the…
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

Mar 10, 2025 5:53 AM

Tags: crypto, cybercrime, cybersecurity, Internet, kaspersky, malware, russia, tool, vpn, windows

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware…
Banking-Trojaner auf Android-Smartphones explodieren um 196 %

Mar 4, 2025 6:34 PM

Tags: android, banking, kaspersky, network

Kaspersky Security Network weist auf einen deutlichen Anstieg von Banking-Trojanern um 196 % im Jahr 2024 auf Android-Smartphones hin. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/online-betrug/banking-trojaner-auf-android-smartphones-explodieren-um-196-311126.html
33.3 Million Cyber Attacks Targeted Mobile Devices in 2024 as Threats Surge

Mar 3, 2025 7:34 PM

Tags: adware, attack, cyber, kaspersky, malware, mobile, software, threat

Kaspersky’s latest report on mobile malware evolution in 2024 reveals a significant increase in cyber threats targeting mobile devices. The security firm’s products blocked a staggering 33.3 million attacks involving malware, adware, or unwanted mobile software throughout the year. Mobile Malware Landscape Evolves with New Distribution Schemes Adware continued to dominate the mobile threat landscape,…
Trigon: Latest iOS Kernel Exploit Uncovered

Mar 3, 2025 6:34 AM

Tags: apple, cve, cyber, exploit, kaspersky, vulnerability

A sophisticated kernel exploit leveraging CVE-2023-32434, an integer overflow vulnerability in Apple’s XNU virtual memory subsystem, has been unveiled by security researchers. DubbedTrigon, this exploit chain enables deterministic kernel read/write primitives on A10(X) devices, bypassing Apple’s KTRR and PPL protections through physical memory mapping techniques. Initially exploited in the Operation Triangulation campaign against Kaspersky researchers,…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35

Mar 2, 2025 12:33 PM

Tags: attack, botnet, exploit, google, group, international, kaspersky, malware, password, ransomware, spam

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware…
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Feb 28, 2025 12:34 PM

Tags: attack, kaspersky, malware, russia, threat

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant.Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken Likho…
Operation SalmonSlalom: New Malware Campaign Targets Industrial Organizations in Asia-Pacific

Feb 28, 2025 5:34 AM

Tags: kaspersky, malware

Kaspersky ICS CERT has uncovered a new malware campaign, dubbed >>Operation SalmonSlalom,
GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects

Feb 26, 2025 8:23 AM

Tags: automation, crypto, github, hacking, kaspersky, malicious, malware, open-source, threat, tool

GitVenom malware campaign targets gamers and crypto investors by posing as open-source projects on GitHub. Kaspersky researchers warn of a malware campaign, dubbed GitVenom, targeting GitHub users. The threat actors behind this campaign created hundreds of fake GitHub repositories with malicious code, disguising them as automation tools, crypto bots, and hacking utilities. The attackers used…
Angry Likho APT Group Resurfaces with New Attacks and Advanced Malware Tactics

Feb 26, 2025 5:23 AM

Tags: apt, attack, group, kaspersky, malware, tactics, threat

Kaspersky Labs has uncovered new activity from Angry Likho, an advanced persistent threat (APT) group that has been First seen on securityonline.info Jump to article: securityonline.info/angry-likho-apt-group-resurfaces-with-new-attacks-and-advanced-malware-tactics/
Australia Bans Kaspersky Over Security Concerns

Feb 25, 2025 9:24 PM

Tags: kaspersky

First seen on scworld.com Jump to article: www.scworld.com/brief/australia-bans-kaspersky-over-security-concerns
Security concerns prompt Australian ban of Kaspersky

Feb 25, 2025 9:24 PM

Tags: kaspersky

First seen on scworld.com Jump to article: www.scworld.com/brief/security-concerns-prompt-australian-ban-of-kaspersky
Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware

Feb 25, 2025 6:23 PM

Tags: exploit, github, hacker, kaspersky, malware

Kaspersky’s Securelist exposes the GitVenom campaign involving fake GitHub repositories to distribute malware. Targeting developers with seemingly legitimate… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-fake-github-repositories-gitvenom-malware/
200 Malicious GitHub Repositories Distributing Malware to Developers

Feb 25, 2025 1:23 PM

Tags: access, crypto, cyber, data, github, kaspersky, malicious, malware, threat

A sophisticated malware campaign dubbedGitVenomhas infected over 200 GitHub repositories, targeting developers with fake projects masquerading as legitimate tools. The repositories, active for nearly two years, deploy stealers, remote access Trojans (RATs), and clippers to compromise systems and steal sensitive data, including cryptocurrency wallets. According to the Kaspersky Report, Security researchers estimate the threat actors…
Australia Bans Public Agencies From Using Kaspersky Software

Feb 25, 2025 12:22 AM

Tags: government, kaspersky, network, office, risk, software, virus

Citing Security Concerns, Australia Joins Others in Banning Anti-Virus Products. The Australian Department of Home Affairs on Friday banned the use of Kaspersky Labs products in public offices citing an unacceptable security risk to the government networks and data. All government offices must uninstall all Kaspersky products and report the completion of the task to…