unSafe.sh - Not Safe
Kaspersky Security Bulletin 2025. Statistics
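Kaspersky's report covers the global cyberthreat landscape from November 2024 to October 2025: 48% of Windows users and 29% of macOS users encountered cyberthreats; web threats affected the CIS region most (34%), while local threats were most common in Africa (41%); password stealer attacks and spyware attacks grew nearly 1.6-fold and 1.5-fold respectively; password stealer detections in the APAC region surged by 132%. The report also covers activity related to Tomiris, the ToddyCat APT, the BlueNoroff APT and the Dante spyware. ...
2025-12-2 10:7:3 | Views: 19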
Securelist - securelist.com
threats
stealer
security
spyware
encountered
Tomiris wreaks Havoc: New tools and techniques of the APT group
While tracking the activities of the Tomiris threat actor, we identified new malicious...
2025-11-28 07:0:6 | Views: 15
Securelist - securelist.com
tomiris
hxxp
hxxps
python
Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
Just like the 2000s. Flip phones grew popular, Windows XP debuted on personal computers...
2025-11-26 10:0:2 | Views: 16
Securelist - securelist.com
windows
attacker
attackers
client
To buy or not to buy: How cybercriminals capitalize on Black Friday
The global e‑commerce market is accelerating faster than ever before, driven by expand...
2025-11-24 12:30:49 | Views: 46
Securelist - securelist.com
phishing
malicious
friday
disguised
trojan
ToddyCat: your hidden email assistant. Part 1
Introduction. Email remains the main means of business correspondence at organizations....
2025-11-21 10:0:33 | Views: 15
Securelist - securelist.com
ost
microsoft
attackers
windows
upath
Inside the dark web job market
Research...
2025-11-20 11:37:0 | Views: 12
Securelist - securelist.com
seekers
shadow
recruitment
labor
employment
Blockchain and Node.js abused by Tsundere: an emerging botnet
Introduction. Tsundere is a new botnet, discovered by our Kaspersky GReAT around mid-20...
2025-11-20 10:0:13 | Views: 18
Securelist - securelist.com
tsundere
c2
powershell
bots
nodejs
IT threat evolution in Q3 2025. Mobile statistics
IT threat evolution in Q3 2025. Mobile statistics | IT threat evolution in Q3 2025. Non-...
2025-11-19 10:0:34 | Views: 9
Securelist - securelist.com
trojan
banker
triada
trojans
mamont
IT threat evolution in Q3 2025. Non-mobile statistics
IT threat evolution in Q3 2025. Mobile statistics | IT threat evolution in Q3 2025. Non-...
2025-11-19 10:0:2 | Views: 13
Securelist - securelist.com
ransomware
territory
trojan
quarter
download
Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs
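The BlueNoroff cybercrime group runs the SnatchCrypto operation against executives and developers in the blockchain and Web3 industry, using two approaches, GhostCall and GhostHire: the former lures users into downloading malware through fake Zoom meetings; the latter poses as recruiters to get developers to run malicious projects. The group uses AI-generated video and images and distributes malware through platforms such as GitHub and Telegram. Its attack chain is complex and modular in design to evade security detection. ...
2025-10-28 03:0:11 | Views: 57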
Securelist - securelist.com
payload
c2
loader
malicious
windows
Mem3nt0 mori – The Hacking Team is back!
Kaspersky detected a sophisticated cyberattack in March 2025, targeting organizations in Russia and Belarus via personalized phishing emails. The campaign, named Operation ForumTroll, exploited a zero-day vulnerability (CVE-2025-2783) in Google Chrome to bypass its sandbox protection. The attack chain involved a malicious website that executed an exploit to download and install malware, including a spyware called Dante developed by Memento Labs (formerly Hacking Team). The operation primarily aimed at espionage through keylogging and file theft....
2025-10-27 03:0:20 | Views: 83
Securelist - securelist.com
dante
spyware
forumtroll
chrome
attackers
Deep analysis of the flaw in BetterBank reward logic
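In August 2025, the decentralized finance protocol BetterBank was attacked through a flaw in its reward system, losing about $5 million in digital assets. The attacker used fake liquidity pools to trigger the ESTEEM reward mechanism; part of the funds was eventually recovered, leaving a net loss of about $1.4 million. The flaw stemmed from the protocol not validating the legitimacy of trading pools, and it had been identified in an earlier security audit but not fixed. ...
2025-10-22 10:0:14 | Views: 17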
Securelist - securelist.com
attacker
liquidity
esteem
favor
betterbank
The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
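The article examines new trends in phishing attacks in 2025, including the use of QR codes in PDF files and password protection, calendar-event phishing, voice-message phishing, and methods of bypassing multi-factor authentication. These techniques make attacks stealthier and more successful, a reminder that users need to stay vigilant and strengthen security training. ...
2025-10-21 10:0:6 | Views: 41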
Securelist - securelist.com
phishing
pcloud
security
attackers
qr
PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations
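The PassiveNeuron campaign targets servers of government, financial and industrial organizations, using SQL injection to deploy malware such as Neursite and NeuralExecutor, with DLL loaders ensuring persistence. The attackers may be Chinese-speaking threat actors. Multiple IOCs are provided for detection. ...
2025-10-21 08:0:52 | Views: 25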
Securelist - securelist.com
attackers
c2
neursite
loader
Post-exploitation framework now also delivered via npm
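The AdaptixC2 framework is being abused as an attack tool, spread through the malicious package https-proxy-utils in the npm ecosystem. The package poses as a proxy utility, implants a backdoor at install time, and tailors its attack to Windows, Linux and macOS systems, creating a serious remote-control risk. ...
2025-10-17 10:0:33 | Views: 25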
Securelist - securelist.com
adaptixc2
proxy
cloudcenter
malicious
windows
SEO spam and hidden links: how to protect your website and your reputation
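The article discusses legitimate websites being wrongly classified as "adult content" because they contain hidden HTML blocks. These hidden blocks hold links to, and keywords for, pornography or gambling sites and are an SEO spam technique. Attackers plant the blocks by exploiting website vulnerabilities in order to raise the ranking of undesirable sites. The article analyzes how hidden links work, how to detect them, and how to defend against them. ...
2025-10-17 07:0:55 | Views: 24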
Securelist - securelist.com
blank
mobi
cassino
overflow
porn
Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution
2025-10-15 13:0:43 | Views: 18
Securelist - securelist.com
c2
trojan
maverick
brazil
shellcode
Mysterious Elephant: a growing threat
2025-10-15 10:0:11 | Views: 27
Securelist - securelist.com
elephant
mysterious
exfiltrator
c2
memloader
Signal in the noise: what hashtags reveal about hacktivism in 2025
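The study analyzes patterns and trends in hacktivist activity in 2025 and finds that its tactics favor high visibility and ease of execution over technical sophistication. Telegram has become the main planning platform, hashtags are widely used to coordinate actions and for publicity, and DDoS attacks account for the largest share. Although the focus is on the Middle East, targets are spread worldwide; the study recommends strengthening DDoS protection and monitoring open channels. ...
2025-10-14 10:0:9 | Views: 98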
Securelist - securelist.com
hacktivist
hashtags
monitoring
threats
political
The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts
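Windows 11 introduces new forensic features and changes, including Recall screenshots and AI analysis, Notepad multi-tab support and storage of unsaved content, and the move of Windows Search from ESE to an SQLite database. These changes bring new tools and challenges for forensic analysis. ...
2025-10-14 08:0:57 | Views: 106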
Securelist - securelist.com
windows
artifacts
recall
microsoft
uleb128