Kaspersky Archives - Cyber Security Minute

CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine

Issued by: Dark Reading

Kaspersky researchers have provided further details on the CommonMagic campaign, which was first observed in March targeting companies in the Russo-Ukrainian conflict area. The new research reveals more sophisticated malicious activities from the same threat actor. The investigation identified that the newly-discovered framework has expanded its victimology to include organizations in Central and Western Ukraine….

Malware & Threats

QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign

Issued by: Security Week

Also known as Qakbot and Pinkslipbot, QBot is an information stealer with backdoor and self-spreading capabilities that has been around since 2009 and which is often used as the initial infection vector in malicious attacks. Earlier this year, QBot was distributed in attacks exploiting Follina, a Microsoft Support Diagnostic Tool (MSDT) vulnerability tracked as CVE-2022-30190,…

Network Security

Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations

Issued by: Security Week

Kaspersky reported recently that it only saw a small increase in the percentage of industrial control system (ICS) computers targeted in 2021, compared to the previous year. However, of the more than 300 respondents who took part in the latest survey, half reported seeing an increase in security incidents affecting ICS or other operational technology…

Malware & Threats

Mobile Malware Attacks Dropped in 2021 but Sophistication Increased

Issued by: Security Week

The cybersecurity firm’s products detected nearly 3.5 million malicious installation packages on mobile devices in 2021, far less than the 5.7 million detected in the previous year. However, it’s worth noting that the number recorded in 2021 is almost exactly the same as in 2019. A majority of these infection attempts targeted users in Asian…

Malware & Threats

Thousands of Industrial Systems Targeted With New ‘PseudoManuscrypt’ Spyware

Issued by: Security Week

The attacks targeted 35,000 devices in 195 countries between January and November 2021, including devices housed by high-profile organizations. Roughly seven percent of the targets were ICS, with the engineering and building automation sectors being most impacted. Attacks were also aimed at military industrial enterprises and research laboratories. In many cases, the attackers targeted engineering…

Malware & Threats

North Korean Hackers Targeting IT Supply Chain: Kaspersky

Issued by: Security Week

As part of the observed attacks, the group used an updated DeathNote malware cluster, which includes a slightly modified version of BLINDINGCAN, a piece of malware that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) associated with the group. A new variant of COPPERHEDGE, which Lazarus has been using for at least two years, was…

Malware & Threats

BloodyStealer: Advanced New Trojan Targets Accounts of Popular Online Gaming Platforms

Issued by: Dark Reading

Kaspersky researchers have discovered an advanced Trojan, dubbed BloodyStealer, sold on darknet forums and used to steal gamers’ accounts on popular gaming platforms, including Steam, Epic Games Store, and EA Origin. With features to avoid analysis and detection, a low subscription price, and some interesting capabilities, BloodyStealer is a prime example of the types of…

Mobile Security

Installing unknown apps in Android: a safety guide

Issued by: Kaspersky Blog

For Android users, installing applications from Google Play, and Google Play only, is the wise choice. With its strong safety rules, official app monitoring, plentiful user reviews, and security researcher scrutiny, Android’s official store tends to be a safe place for downloading apps. Even when malware does make it to Google Play, it is quickly…

Vulnerabilities

Mac Malware Used in Attacks Targeting Industrial Organizations in Middle East

Issued by: Security Week

Dubbed WildPressure, the campaign started in May 2019 and for more than a year it involved only a Windows version of a malware named Milum. Earlier this year, however, the campaign’s operators started using new versions of the Trojan, to target macOS systems as well. In addition to the initially observed C++ iteration of the…

Vulnerabilities

SAS postscript: Webinar on IT security vulnerabilities in healthcare

Issued by: Kaspersky Blog

Each year, the Kaspersky Security Analyst Summit (SAS) brings together cybersecurity specialists from all over the world to share expertise, discuss new trends, and present their research. For those who can’t attend this year’s event but still want to get acquainted with the latest research, we’ve planned a series of webinars that will cover major SAS findings….