Exploit This

Security News, Exploits, and Vulnerabilities.

From BlackEnergy to ExPetr

To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware. Given our love for unsolved mysteries, we jumped right on it. We’d like to think of this ongoing research as an opportunity for an open invitation to the larger security community to help nail down (or disprove) the link between BlackEnergy and ExPetr/Petya.

Kaspersky Security Bulletin 2016. Review of the year. Overall statistics for 2016

2016 was a tense and turbulent year in cyberspace – from the massive IoT botnets and ransomware to targeted cyberespionage attacks, financial theft, ‘hacktivism’ and more. Kaspersky Lab’s Review of the Year and Statistics provide a detailed review – you can read the Executive Summary here.

BlackEnergy APT Attacks in Ukraine employ spearphishing with Word documents

Few days ago, we came by a new document that appears to be part of the ongoing attacks BlackEnergy against Ukraine. Unlike previous Office files used in the recent attacks, this is not an Excel workbook, but a Microsoft Word document.

BE2 Extraordinary Plugins, Siemens Targeting, Dev Fails

Our November post introducing our BlackEnergy2 (BE2) research described new findings on the group’s activity. We presented both details on their plugins and significant findings about some of their targets and victims. In this post, let’s examine several additional plugins more… Read Full Article

%d bloggers like this: