APT annual review 2021

In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here, here and here. For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments […]

IT threat evolution Q3 2021

Targeted attacks: WildPressure targets macOS. Last March, we reported a WildPressure campaign targeting industrial-related entities in the Middle East. While tracking this threat actor in spring 2021, we discovered a newer version. It contains […]

IT threat evolution in Q3 2021. PC statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures: According to Kaspersky Security Network, in Q3 2021: Kaspersky solutions blocked 1,098,968,315 attacks from […]

Advanced threat predictions for 2022

Over the past 12 months, the style and severity of APT threats have continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Based on the collective knowledge and insights of our experts, we have developed […]

MysterySnail attacks with Windows zero-day

Executive Summary: In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, but closer analysis revealed that it was a zero-day. We discovered that it […]

Exchange/Outlook Autodiscover Bug Exposed $100K Email Passwords

Guardicore security researcher Amit Serper identified a critical vulnerability in Microsoft’s Autodiscover, the protocol that permits the automatic setup of an email account with only the address and password needed. The vulnerability allows attackers who buy domains containing the word “autodiscover,” such as autodiscover.com or autodiscover.co.uk, to capture the clear-text login details of […]

SonicWall Patches Critical Flaw in SMA 100 Products

SonicWall has released a security advisory to warn users about a critical flaw impacting some of its Secure Mobile Access (SMA) 100 appliances. The vulnerability, tracked as CVE-2021-20034, could potentially allow a remote unauthenticated attacker to delete arbitrary files from the targeted appliance and gain administrator access to the device. “The vulnerability is due […]
