Welcome

The zero-day exploits of Operation WizardOpium- Tempemail – Blog – Emails

Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the […]

Spam and phishing in Q1 2020- Tempemail – Blog – Emails

Quarterly highlights Don’t get burned Burning Man is one of the most eagerly awaited events among fans of spectacular performance and installation art. The main obstacle to attending is the price of admission: a standard ticket will set you back $475, the number is limited, and the buying process is a challenge all by itself […]

Aggressive in-app advertising in Android- Tempemail – Blog – Emails

Recently, we’ve been noticing ever more dubious advertising libraries in popular apps on Google Play. The monetization methods used in such SDKs can pose a threat to users, yet they pull in more revenue for developers than whitelisted ad modules due to the greater number of views. In this post we will look into a […]

IT threat evolution Q1 2020- Tempemail – Blog – Emails

Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted […]

IT threat evolution Q1 2020. Statistics- Tempemail – Blog – Emails

These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognized as malicious by Web Anti-Virus components. […]

Verizon’s 2020 DBIR | Securelist- Tempemail – Blog – Emails

Verizon’s 2020 DBIR is out, you can download a copy or peruse their publication online. Kaspersky was a contributor once again, and we are happy to provide generalized incident data from our unique and objective research. We have contributed to this project and others like it for years now. This year’s ~120 page report analyses […]

Cyberthreats on lockdown | Securelist- Tempemail – Blog – Emails

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, […]

COMpfun authors spoof visa application with HTTP status-based Trojan- Tempemail – Blog – Emails

You may remember that in autumn 2019 we published a story about how a COMpfun successor known as Reductor infected files on the fly to compromise TLS traffic. If you’re wondering whether the actor behind the malware is still developing new features, the answer is yes. Later in November 2019 our Attribution Engine revealed a […]

Naikon’s Aria | Securelist- Tempemail – Blog – Emails

Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we detected in 2017 and similarly reported in 2018. To supplement their research findings, we are summarizing and publishing portions of the findings reported in our June 2018 “Naikon’s New AR Backdoor Deployment to Southeast […]

DDoS attacks in Q1 2020- Tempemail – Blog – Emails

News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of […]