APT trends report Q1 2024

2024-05-09, Kaspersky
https://securelist.com/apt-trends-report-q1-2024/112473/
#Trend #NPM #Andariel #ThreatNeedle #Kimsuky #AppleSeed #Durian

Contents

For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research. They provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of.
This is our latest installment, focusing on activities that we observed during Q1 2024.
Readers who would like to learn more about our intelligence reports or request more information about a specific report are encouraged to contact [email protected].
The most remarkable findings
The Gelsemium group performs server-side exploitation that effectively leads to a webshell, and uses various custom and public tools deployed with stealth techniques and technologies. The two main implants, SessionManager and OwlProxy, were first detected in 2022 in the aftermath …