Spring4Shell (CVE-2022-22965): details and mitigations
Technical details and mitigations for CVE-2022-22965 vulnerability (Spring4Shell) that can help an attacker to execute arbitrary code on a remote web server.
Threats
Latest Webinars
Register to Access All Kaspersky Webinars
Kaspersky Security Bulletin 2021. Statistics
Key statistics for 2021: miners, ransomware, trojan bankers and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.
Reports
Lazarus Trojanized DeFi app for delivering malware
We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor.
MoonBounce: the dark side of UEFI firmware
At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.
The BlueNoroff cryptocurrency hunt is still on
It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.
ScarCruft surveilling North Korean defectors and human rights activists
The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.
Subscribe to our weekly e-mails
The hottest research right in your inbox
