Threat Category: Secure environment (IoT)

We decided to discuss less obvious tools for working with firmware, including Renode and Qiling. Each of those tools has its own features, advantages, and limitations that make it effective for certain types of task.

We analyze data on vulnerabilities in routers, plus malware that attacks IoT devices: Mirai, NyaDrop, Gafgyt, and other.

PC malware statistics for the Q1 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

Third party automotive mobile apps, web apps and API clients provide drivers with additional functions but may pose security risks for their data.

Against the backdrop of the conflict between Russia and Ukraine, the number of DDoS attacks in Q1 2022 increased by 4.5 times against Q1 2021. A significant proportion of them were by hacktivists.

In Q4 2021, as expected, the number of DDoS attacks rose, while DDoS botnets weaponized a Log4Shell vulnerability. In this report, we present the main DDoS trends and statistics.

PC threat statistics for Q3 2021 contain data on miners, encrypting ransomware, financial malware, and threats to Windows, macOS and IoT.

It’s time to overview our last year’s forecasting for the healthcare sector and make some new predictions for 2022

An overview of the state of privacy and main trends in 2021, and our predictions on how these will evolve in 2022.

This report provides DDoS attack statistics for Q3 2021, as well as a news roundup and forecasts for the next quarter.

PC threat statistics for Q2 2021 contain data on miners, encrypting ransomware, financial malware and threats to Windows, macOS and IoT.

In this report you’ll find Kaspersky DDoS Intelligence statistics, news overview and DDoS market trends and predictions for Q2 2021.

Dan Demeter, Senior Security Researcher with Kaspersky’s Global Research and Analysis Team and head of Kaspersky’s Honeypot project, explains what honeypots are, why they’re recommended for catching external threats, and how you can set up your own simple SSH-honeypot.

In Q1 2021, we blocked more than 2 billion attacks launched from online resources across the globe, detected 77.4M unique malicious and potentially unwanted objects, and recognized 614M unique URLs as malicious.

Q4 2020 in terms of DDoS attacks: DDoS market fall, bitcion rise, careful prognoses.

Reports

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor.

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.

Secure environment (IoT)

Dynamic analysis of firmware components in IoT devices

Router security in 2021

IT threat evolution in Q1 2022. Non-mobile statistics

What’s wrong with automotive mobile apps?

DDoS attacks in Q1 2022

DDoS attacks in Q4 2021

IT threat evolution in Q3 2021. PC statistics

The dangers of “connected” healthcare: predictions for 2022

Privacy predictions 2022

DDoS attacks in Q3 2021

IT threat evolution in Q2 2021. PC statistics

DDoS attacks in Q2 2021

Detecting unknown threats: a honeypot how-to

IT threat evolution Q1 2021. Non-mobile statistics

DDoS attacks in Q4 2020

Reports

APT trends report Q2 2022

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

The SessionManager IIS backdoor

APT ToddyCat

Subscribe to our weekly e-mails