Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted macOS targets, with t

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions 5G technology predictions 2020 Cyberthreats to financial institutions 2020: Overview and predictions Moving to the cloud The popularity of cloud services is growing, and threat actors are here to exploit the trend. We

Initially, digital biometric data processing systems were used primarily by government agencies and special services (police, customs, etc.). However, the rapid evolution of information technology has made biometric systems accessible for ‘civil’ use. They are increasingly becoming part of our everyday lives, augmenting and replacing traditional

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this

Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for malign interference campaigns, rounded up our knowledge about the

Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat landscape to provide a more realistic understanding of why thi

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr

How often do you turn off your computer when you go home from work? We bet you leave it on so you don’t have to wait until it boots up in the morning. It’s possible that your IT staff have trained you to lock your system for security reasons whenever you leave your workplace. But locking your system won’t save your computer from a new type

National elections have become a global stage for hackers to display their virtuosity, bringing the question of cybersecurity to the forefront of the conversation. Since Barack Obama accused the Russians of meddling in 2016’s presidential election in favor of Donald Trump, several European countries have taken their own measures to avoid such cyberatta

Which is the source of Panama Papers? According to Mossack the hackers breached its systems, according to the experts its email server was breached. The Panama Papers is a huge trove of strictly confidential documents from the Panamanian law firm Mossack Fonseca was leaked online during the weekend, it is largest data leaks ever. The entire archive of the f

Security researcher Chris Vickery has identified a misconfigured database that contains the personal details of 191,337,174 US voters.The unprotected database was discovered on December 20, contains over 300 GB of data, and includes details such as full names, voter IDs, home addresses, email addresses, party affiliations, ethnicity, telephone numbers, and m

For the past few weeks, security researcher Chris Vickery has been working on discovering insecure applications and contacting the makers of those apps to have the issues resolved.One of the applications he found to leak quite a large amount of personal user details is MacKeeper by Kromtech Alliance.MacKeeper is the equivalent of an antivirus combined with a

VTech, a Chinese company that builds and sells electronic learning toys, has been breached by a mysterious hacker that shared the data with Vice's Motherboard.According to Vice reporter Lorenzo Franceschi-Bicchierai and Troy Hunt, owner of the Have I Been Pwned? service, the data they analyzed contained extremely personal details for over 4.8 million par

The ISIS hacking division retaliated against Anonymous by leaking the personal details of a few hundred people working for various US military and law enforcement agencies.The data was leaked last Saturday, just hours after Anonymous had taken down the main ISIS operations forum, reports Vocativ.The hackers, known as the ISIS Islamic State Cyber Army, or the

A Microsoft engineer has uncovered a tiny flaw in the way 1Password manages user metadata in some setups, exposing user details along the way.You can read the in-depth explanation of this entire 1Password (intentional) design flaw on Dale Myers' website, but we're also going to summarize it for you if you're not in the mood for technical blog pos