Using a Mythic agent to optimize penetration testing ​

Using a Mythic agent to optimize penetration testing ​

by | May 13, 2025

Read More  Introduction The way threat actors use post-exploitation frameworks in their attacks is a topic we frequently discuss. It’s not just about analysis of artifacts for us, though. Our company’s deep expertise means we can study these tools to implement best...
State of ransomware in 2025 ​

State of ransomware in 2025 ​

by | May 7, 2025

Read More  Global ransomware trends and numbers With the International Anti-Ransomware Day just around the corner on May 12, Kaspersky explores the ever-changing ransomware threat landscape and its implications for cybersecurity. According to Kaspersky Security...
Outlaw cybergang attacking targets worldwide ​

Outlaw cybergang attacking targets worldwide ​

by | Apr 29, 2025

Read More  Introduction In a recent incident response case in Brazil, we dealt with a relatively simple, yet very effective threat focused on Linux environments. Outlaw (also known as “Dota”) is a Perl-based crypto mining botnet that typically takes advantage of weak...
Triada strikes back ​

Triada strikes back ​

by | Apr 25, 2025

Read More  Introduction Older versions of Android contained various vulnerabilities that allowed gaining root access to the device. Many malicious programs exploited these to elevate their system privileges and gain persistence. The notorious Triada Trojan also used...
Operation SyncHole: Lazarus APT goes back to the well ​

Operation SyncHole: Lazarus APT goes back to the well ​

by | Apr 24, 2025

Read More  We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software....