The recent Chinese New Year ushered in the Year of the Rat, but from the perspective of the many corporations, government agencies and other organizations around the world who continue to be the targets of Advanced Persistent Threat (APT) groups acting in the interest of the Chinese government, recent years could aptly be described as the Decade of the RATs - Remote Access Trojans, that is. (more available)

The purpose of this document is to briefly describe the features of Necurs malware. During the analysis, we have been able to identify the different “features” and “capabilities” of the Necurs malware. (more available)

This report provides new intelligence by the NCSC on two tools used by the Turla group to target the UK. It contains IOCs and signatures for detection by network defenders. (more available)

“As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. (more available)

The Qadars Banking Trojan has been observed globally targeting well-known banks since 2013. The research in this white paper provides a detailed analysis of the banking trojan, discussing the obfuscation techniques, domain generation algorithm (DGA), communication protocols and data formatting, and social engineering techniques employed by the trojan. (more available)