9 matches found
TP-Link Router Botnet
There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution RCE possible so that the malware can spread itself across the internet automatically. This high severity security flaw tracked as CVE-2023-1389 has also been us...
LockBit ransomware advisory from CISA provides interesting insights
The US Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand CERT NZ, NCSC-NZ have all...
Managed Detection and Response in 2022
Kaspersky Managed Detection and Response MDR is a service for 24/7 monitoring and response to detected incidents based on technologies and expertise of Kaspersky Security Operations Center SOC team. MDR allows detecting threats at any stage of the attack – both before anything is compromised and...
Incident response analyst report 2020
Download full report PDF The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. We deliver a range of services to help organizations when they are in need: incident response, digital forensics and malware analysis. Data in the...
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity,...
Threat landscape for smart buildings
The Kaspersky Industrial Cybersecurity Conference 2019 takes place this week in Sochi, the seventh such conference dedicated to the problems of industrial cybersecurity. Among other things, the conference will address the security of automation systems in buildings — industrial versions of the no...
How to steal a million (of your data)
Any user data — from passwords for entertainment services to electronic copies of documents — is highly prized by intruders. The reason is simply that almost any information can be monetized. For instance, stolen data can be used to transfer funds to cybercriminal accounts, order goods or service...
Qualys BrowserCheck CoinBlocker Protects Users From Active Cryptojacking Campaigns
Qualys Malware Research Labs recently released the Qualys BrowserCheck CoinBlocker Chrome Extension. We have seen enthusiastic adoption from users across the globe in the first week since its release, which has given us enough telemetry data to indicate success in protecting users from popular...
Elasticsearch Elastichoney Honeypot Shows 8,000 RCE Attacks
Hackers have taken an interest in Elasticsearch, a popular enterprise search engine. A researcher based in Texas, whose own Elasticsearch server was hacked, today published results collated from a honeypot he built to get a sense of how widespread attacks are against the vulnerability that did in...