Kaspersky Security Bulletin 2021

The end of the year is always a nice time to take a look on the main developments and incidents that took place in the cyber security industry over the preceding 12 months. To review the impact these events had on organizations and individuals, and predict what they could mean for the overall evolution of the threat landscape, Kaspersky continues its series of annual Kaspersky Security Bulletin publications.

Reports

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.

In this report we provide details on a malicious VBS implant distributed via MS Excel droppers and a fake “Kaspersky Update Agent” which we attribute to WIRTE APT who may be linked to Gaza Cybergang.

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021.

According to older public researches, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

Kaspersky Security Bulletin 2021

Advanced threat predictions for 2022

Cyberthreats to financial organizations in 2022

Privacy predictions 2022

The dangers of “connected” healthcare: predictions for 2022

Threats to ICS and industrial enterprises in 2022

APT annual review 2021

The story of the year: ransomware in the headlines

Kaspersky Security Bulletin 2021. Statistics

Reports

ScarCruft surveilling North Korean defectors and human rights activists

WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019

APT trends report Q3 2021

Lyceum group reborn

Subscribe to our weekly e-mails