Cyberattackers often view small and medium-sized businesses (SMBs) as easier targets, assuming their security measures are…
Category: News
How the Batavia spyware targeting Russian organizations works
Introduction: Since early March 2025, our systems have recorded an increase in detections of similar files…
Deconstructing RACF in z/OS and uncovering security issues
In our previous article we dissected penetration testing techniques for IBM z/OS mainframes protected by the…
The Solidity Language open-source package was used in a $500,000 crypto heist
Attacks that leverage malicious open-source packages are becoming a major and growing threat. This type of…
What is UserAssist and how to use it in IR activities?
Introduction: As members of the Global Emergency Response Team (GERT), we work with forensic artifacts on…
GhostContainer backdoor for Exchange servers
In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within…
Kaspersky industrial threat report for Q1 2025
Trends: Relative stability from quarter to quarter. The percentage of ICS computers on which malicious objects…
Dero miner spreads inside containerized Linux environments
Introduction: Imagine a container zombie outbreak where a single infected container scans the internet for an…
Evolution of Zanubis, a banking Trojan for Android
Introduction: Zanubis is a banking Trojan for Android that emerged in mid-2022. Since its inception, it…
Vulnerability landscape analysis for Q1 2025
The first quarter of 2025 saw the continued publication of vulnerabilities discovered and fixed in 2024,…