Principal Security Researcher, Global Research & Analysis Team
Kurt joined Kaspersky in 2010. He researches and reports on targeted attack activity, complex intrusions, and advanced malware. He focuses on privacy and cryptography technologies. Kurt contributes to working groups and shares his findings with other members of various online communities. He regularly gives presentations on malware issues at international conferences and offers his thoughts to a variety of journalists and media about current cybersecurity matters. Prior to joining Kaspersky, Kurt was VP of Behavioral Threat Research at Symantec for PC Tools’ ThreatFire. Originally joining ThreatFire when it was a startup in 2005, Kurt was as their sole researcher and led their research efforts through two successful acquisitions. Before Symantec, Kurt was Chief Threat Officer at Novatix and a Threat Analyst at SonicWALL.We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.
In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.
Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.