unSafe.sh - Unsafe
Head Mare and Twelve join forces to attack Russian entities
2025-3-13 10:0:33 | Views: 39
Securelist - securelist.com
windows
mare
attackers
username
twelve
Incident response analyst report 2024
2025-3-12 08:0:21 | Views: 63
Securelist - securelist.com
security
ransomware
gert
tendency
DCRat backdoor returns
2025-3-11 10:0:13 | Views: 37
Securelist - securelist.com
dcrat
c2
software
attackers
dubbed
SideWinder targets the maritime and nuclear sectors with an updated toolset
2025-3-10 10:15:13 | Views: 41
Over Security - Cybersecurity news aggregator - securelist.com
loader
security
malicious
attacker
maritime
Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
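After its release, DeepSeek-R1 quickly became popular, which led cybercriminals to set up fake websites that distribute malware, steal user data, and even take control of devices. Some of the attacks target Chinese-speaking users, posing as AI clients to lure them into downloading. Experts advise users to be careful with links from unknown sources to avoid the risk of leaking personal information and having their devices taken over...
2025-3-6 10:0:4 | Views: 21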
Securelist - securelist.com
deepseek
malicious
client
python
victim
Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool
2025-3-5 10:0:38 | Views: 27
Securelist - securelist.com
malicious
miner
loader
youtube
strikes
Mobile malware evolution in 2024
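Kaspersky statistics for 2024 show that a total of 33.3 million attacks involving malware, adware and similar software were blocked worldwide, with adware accounting for 35%. New malware such as the Mamont banking Trojan and NFC fraud techniques appeared, and some malicious programs spread through official app stores such as Google Play...
2025-3-3 10:0:49 | Views: 25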
Securelist - securelist.com
trojan
banker
turkey
triada
unwanted
The SOC files: Chasing the web shell
2025-2-28 04:0:11 | Views: 41
Securelist - securelist.com
memory
7e
attackers
analysis
Exploits and vulnerabilities in Q4 2024
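In Q4 2024 the number of vulnerabilities increased while public exploits decreased; attackers made use of undocumented RPC interfaces and Windows authentication mechanisms. Microsoft Office and WinRAR vulnerabilities stood out, and on Linux systems kernel component updates need attention...
2025-2-26 10:0:8 | Views: 28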
Securelist - securelist.com
q4
software
windows
improper
The GitVenom campaign: cryptocurrency theft using GitHub
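The GitVenom campaign lures developers into downloading and executing malicious code by creating malicious repositories on GitHub disguised as legitimate projects. These projects contain fake feature descriptions and malicious scripts intended to steal sensitive information, take control of devices, or hijack cryptocurrency transactions. The campaign has been running for several years and poses a threat to developers worldwide...
2025-2-24 09:26:58 | Views: 22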
Securelist - securelist.com
malicious
attackers
github
gitvenom
python
Angry Likho: Old beasts in a new forest
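Angry Likho is an APT group that has been active in cyberattacks since 2023. The group mainly conducts targeted attacks against government agencies and large enterprises in Russia and Belarus. Its usual methods include sending phishing emails with attachments containing malicious LNK files and RAR archives. This malware typically drops tools such as Lumma stealer, which are used to steal sensitive data such as browser records, passwords and cryptocurrency wallet information. The group showed signs of new attack activity in June 2024 and January 2025...
2025-2-21 10:0:21 | Views: 37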
Securelist - securelist.com
shop
malicious
likho
angry
payload
Managed detection and response in 2024
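The Kaspersky MDR service provides round-the-clock monitoring and threat detection. The 2024 report notes that high-severity incidents decreased but became more complex, with the industrial, financial and government sectors attacked the most. Living off the Land techniques are widely used...
2025-2-20 08:0:24 | Views: 15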
Securelist - securelist.com
mdr
security
attackers
threats
equipped
Spam and phishing in 2024
2025-2-19 10:0:31 | Views: 44
Securelist - securelist.com
phishing
malicious
fraudsters
victim
facebook
StaryDobry ruins New Year’s Eve, delivering miner instead of presents
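Cybercriminals launched a mass infection campaign on December 31, distributing the XMRig miner through malicious games, mainly targeting users in Russia, Brazil, Germany and other countries, and using a complex execution chain and defensive techniques in the attack...
2025-2-18 10:0:49 | Views: 24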
Securelist - securelist.com
systemroot
unrar
fingerprint
decrypted
miner
Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
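This article describes the common types and characteristics of "Nigerian" spam, including scams posing as donations from wealthy people, government compensation, lottery winnings, online dating and business investment. These emails usually contain errors and low-quality translation, and use social engineering to induce victims to reply or provide personal information. Recommended precautions include not responding to unknown senders and watching for inconsistencies and errors in emails...
2025-2-5 12:0:5 | Views: 24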
Securelist - securelist.com
nigerian
recipient
victim
trump
fund
Take my money: OCR crypto stealers in Google Play and App Store
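This article describes malware named "SparkCat", which spreads by being embedded in legitimate apps on Google Play and the App Store, with more than 240,000 downloads. It uses OCR to scan images in the user's gallery, looking for crypto wallet recovery phrases and sending them to the attackers' server. The malware also uses a custom protocol written in Rust for communication, and appeared in Apple's App Store for the first time...
2025-2-5 08:0:16 | Views: 26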
Securelist - securelist.com
malicious
c2
trojan
library
gallery
Take my money: OCR crypto stealers in Google Play and App Store
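This article summarizes Apple's removal from the App Store of apps with an embedded malicious SDK. These apps steal users' crypto wallet recovery phrases using OCR and communicate using Rust. The malware affected Android and iOS users and was eventually removed by Apple in June 2025...
2025-2-5 08:0:16 | Views: 20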
Securelist - securelist.com
malicious
c2
trojan
library
gallery
One policy to rule them all
Windows group policies are a powerful management tool that allows administrators to de...
2025-1-31 10:0:2 | Views: 11
Securelist - securelist.com
gpo
sysvol
windows
attackers
No need to RSVP: a closer look at the Tria stealer campaign
Introduction: Since mid-2024, we’ve observed a malicious Android campaign leveraging we...
2025-1-30 08:0:12 | Views: 25
Securelist - securelist.com
apk
tria
malicious
stealer
malaysia
Threat predictions for industrial enterprises 2025
Kaspersky Security Bulletin...
2025-1-29 10:0:37 | Views: 17
Securelist - securelist.com
security
network
developers
attackers