Giampaolo Dedola

Nov 28, 2024 | securelist.com | Igor Kuznetsov |Giampaolo Dedola |Georgy Kucherin |Maher Yamout

Kaspersky’s Global Research and Analysis Team (GReAT) has been releasing quarterly summaries of advanced persistent threat (APT) activity for over seven years now. Based on our threat intelligence research, these summaries offer a representative overview of what we’ve published and discussed in more detail in our private APT reports. They are intended to highlight the significant events and findings that we think are important for people to know about.

Nov 25, 2024 | securelist.com | Igor Kuznetsov |Giampaolo Dedola |Georgy Kucherin |Maher Yamout

We at Kaspersky’s Global Research and Analysis Team monitor over 900 APT (advanced persistent threat) groups and operations. At the end of each year, we take a step back to assess the most complex and sophisticated attacks that have shaped the threat landscape. These insights enable us to anticipate emerging trends and build a clearer picture of what the APT landscape may look like in the year ahead.

Oct 22, 2024 | securelist.com | Igor Kuznetsov |Boris Larin |Giampaolo Dedola |Vasily Berdnikov

Grandoreiro is a well-known Brazilian banking trojan — part of the Tetrade umbrella — that enables threat actors to perform fraudulent banking operations by using the victim’s computer to bypass the security measures of banking institutions. It’s been active since at least 2016 and is now one of the most widespread banking trojans globally.

Oct 19, 2023 | securelist.com | Vladislav Tushkanov |Anna Larkina |Giampaolo Dedola |Vasily Kolesnikov

In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims’ devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal data using keyloggers, and gain backdoor access to systems. According to our telemetry data, we have detected numerous scripts, executables, and associated links under this campaign since late 2022.

Oct 18, 2023 | securelist.com | Kaspersky ICS CERT |Vladislav Tushkanov |Anna Larkina |Giampaolo Dedola

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. As we were collecting and analyzing the relevant telemetry data, we realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry.