In March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized…
Category: News
BlueNoroff's latest campaigns: GhostCall and GhostHire
Introduction Primarily focused on financial gain since its appearance, BlueNoroff (aka. Sapphire Sleet, APT38, Alluring Pisces,…
SOC files: an APT41 attack on government IT services in Africa
Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in…
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of…
Targeted attacks leverage accounts on popular online platforms as C2 servers
Introduction In the latter half of 2024, the Russian IT industry, alongside a number of entities…
ThrottleStop driver abused to terminate AV processes
Introduction In a recent incident response case in Brazil, we spotted intriguing new antivirus (AV) killer…
Efimer Trojan delivered via email and hacked WordPress websites
Introduction In June, we encountered a mass mailing campaign impersonating lawyers from a major company. These…
Phishing and scams: how fraudsters are deceiving users in 2025
Introduction Phishing and scams are dynamic types of online fraud that primarily target individuals, with cybercriminals…
PipeMagic in 2025: How the backdoor operators’ tactics have changed
In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one…
Gh0st RAT-based GodRAT attacks financial organizations
Summary In September 2024, we detected malicious activity targeting financial (trading and brokerage) firms through the…