Quantcast
Channel: Boris Larin – Securelist
Browsing latest articles
Browse All 10 View Live

Image may be NSFW.
Clik here to view.

Nokoyawa ransomware attacks with Windows zero-day

Updated April 20, 2023 In February 2023, Kaspersky technologies detected a number of attempts to execute similar elevation-of-privilege exploits on Microsoft Windows servers belonging to small and...

View Article


Image may be NSFW.
Clik here to view.

How to catch a wild triangle

In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform (KUMA) SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting...

View Article


Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators (Exploit #5 –...

This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read...

View Article

Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators (Exploit #1 –...

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please...

View Article

Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators

In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft. In that blog post, we...

View Article


Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators (Exploit #2 –...

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please...

View Article

Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators (Exploit #3 –...

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read...

View Article

Image may be NSFW.
Clik here to view.

Windows CLFS and five exploits used by ransomware operators (Exploit #4 –...

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Please read...

View Article


Image may be NSFW.
Clik here to view.

Operation Triangulation: The last (hardware) mystery

Today, on December 27, 2023, we (Boris Larin, Leonid Bezvershenko, and Georgy Kucherin) delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at...

View Article


Image may be NSFW.
Clik here to view.

QakBot attacks with Windows zero-day (CVE-2024-30051)

In early April 2024, we decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the...

View Article
Browsing latest articles
Browse All 10 View Live