Modern vehicles are transforming into full-fledged digital devices that offer a multitude of features, from common…
Category: News
The new SparkKitty Trojan spy in the App Store and Google Play
{{if ext==”ipa”}} {{else}} {{/if}} <div class=“t-name”> <div class=“tit”> {{if ext==“ipa”}} <i class=“iconfont icon-iphone” style=“font-size:inherit;margin-right:5px”></i> {{else}} <i…
Kaspersky 2025 SMB threat report
Cyberattackers often view small and medium-sized businesses (SMBs) as easier targets, assuming their security measures are…
How the Batavia spyware targeting Russian organizations works
Introduction Since early March 2025, our systems have recorded an increase in detections of similar files…
Deconstructing RACF in z/OS and uncovering security issues
In our previous article we dissected penetration testing techniques for IBM z/OS mainframes protected by the…
The Solidity Language open-source package was used in a $500,000 crypto heist
Attacks that leverage malicious open-source packages are becoming a major and growing threat. This type of…
What is UserAssist and how to use it in IR activities?
Introduction As members of the Global Emergency Response Team (GERT), we work with forensic artifacts on…
GhostContainer backdoor for Exchange servers
In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within…
Kaspersky industrial threat report for Q1 2025
Trends Relative stability from quarter to quarter. The percentage of ICS computers on which malicious objects…
Dero miner spreads inside containerized Linux environments
Introduction Imagine a container zombie outbreak where a single infected container scans the internet for an…