Exploit This

Security News, Exploits, and Vulnerabilities.

IT threat evolution Q2 2017

The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry.

IT threat evolution Q2 2017. Statistics

According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world.

The NukeBot banking Trojan: from rough drafts to real threats

This spring, the author of the NukeBot banking Trojan published the source code of his creation. Now, three months after the source code was published, we decided to have a look at what has changed in the banking malware landscape.

KSN Report: Ransomware in 2016-2017

In early 2017, Kaspersky Lab’s researchers have discovered an emerging and dangerous trend: more and more cybercriminals are turning their attention from attacks against private users to targeted ransomware attacks against businesses.

Dridex: A History of Evolution

In the several years that the Dridex family has existed, there have been numerous unsuccessful attempts to block the botnet’s activity. The ongoing evolution of the malware demonstrates that the cybercriminals are not about to bid farewell to their brainchild, which is providing them with a steady revenue stream.

IT threat evolution Q1 2017. Statistics

According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. File antivirus detected a total of 174,989,956 unique malicious and potentially unwanted objects.

IT threat evolution Q1 2017

We’ve become accustomed to seeing a steady stream of security breaches month after month; and this quarter has been no exception, including attacks on Barts Health Trust, Sports Direct, Intercontinental Hotels Group and ABTA.

ATMitch: remote administration of ATMs

In February 2017, we published research on fileless attacks against enterprise networks. This second paper is about the methods and techniques that were used by the attackers in the second stage of their attacks against financial organizations – basically enabling remote administration of ATMs.

Lazarus Under The Hood

Today we’d like to share some of our findings, and add something new to what’s currently common knowledge about Lazarus Group activities, and their connection to the much talked about February 2016 incident, when an unknown attacker attempted to steal up to $851M USD from Bangladesh Central Bank.

PetrWrap: the new Petya-based ransomware used in targeted attacks

This year we found a new family of ransomware used in targeted attacks against organizations. After penetrating an organization’s network the threat actors used the PsExec tool to install ransomware on all endpoints and servers in the organization. The next interesting fact about this ransomware is that the threat actors decided to use the well-known Petya ransomware to encrypt user data.

%d bloggers like this: