Alexander Liskin

Together with @bzvr_, @2igosha and Anton Kargin, we identified that the DAEMON Tools software has been compromised in a complex supply chain attack since April 8. We see thousands of infections across 100+ countries. If you use DAEMON Tools, run a malware scan immediately! [1/7]

New "CopyFail" vulnerability (CVE-2026-31431) is hitting almost every mainstream Linux distro. This local privilege escalation (LPE) has been hiding in the kernel since 2017. The public exploit? A mere 732 bytes of Python. Here is what you need to know 🧵👇

SAS 2026 is coming to Bali 🇮🇩 📅 Oct 20–23 🎟 Early bird tickets are live with 20% off Join global cybersecurity experts shaping what’s next. 👉 kas.pr/t8kt #SAS2026 #cybersecurity

🚨 On April 9–10, cpuid[.]com — home of CPU-Z, HWMonitor & other popular sysadmin tools — was compromised. Trojanized installers were served to visitors. Kaspersky GReAT analyzed the attack and found it goes deeper than initially reported. [1/6]

The HackingTeam is back! New name, new malware, new exploits securelist.com/forumtroll-apt…

The more things change, the more they stay the same? 🤔 At #TheSAS2025, Boris Larin dropped a bombshell: Memento Labs, the successor to the infamous HackingTeam, is back with a new Chrome zero-day exploit and 'Dante' spyware. The good news? We've found a way to spot it. Get the full intel from our blog: kas.pr/rz5n #APT #Spyware

Check out our analysis of the SharePoint ToolShell vulnerabilities: how the ITW exploit works, how it was patched, and why the initial patches could be easily bypassed securelist.com/toolshell-expl…

🎉 It’s official – #SAS2025 is coming! The world’s GReATest cybersecurity event returns with cutting-edge research, mind-blowing hacks, and the ultimate CTF finale. You won't want to miss this, book your place now: kas.pr/97zh

⚠️ Urgent: Chrome Zero-Day Exploited in Targeted Attacks Kaspersky GReAT experts, using advanced detection technologies of our Next EDR Expert solution, have uncovered a targeted attack — dubbed Operation ForumTroll — on media, educational, and government entities. Victims are lured via phishing emails exploiting a new Chromium vulnerability (CVE-2025-2783), infecting Windows users without any further action required from them. Analysis of the malware's functionality suggests the operation was designed primarily for espionage. We promptly alerted Google, which quickly fixed the vulnerability that had potentially put millions of users at risk. Chrome version 134.0.6998.177/.178 is now available — update immediately and ensure reliable security software is installed. Attack details and IoCs are on our Securelist article: kas.pr/ih3y

Secure your #supplychain workflows: Learn from the biggest incidents of 2024 💻 Our top experts break down 2024’s critical events—from faulty updates to open-source vulnerabilities. Discover key insights into emerging #cyberthreats and strategies to fortify your defenses. Save your spot: brighttalk.com/webcast/15591/… #Webinar #Cybersecurity

#AI & LLMs are transforming the game, but they come with #security risks—think jailbreaks and prompt injections. How can businesses harness the power safely? Join our #webinar for insights into securing LLMs! Register now ⇒ kas.pr/6acb

Beyond Oberon: Exploiting PlayStation 5's EFC and EMC by Shawn Hoffman @shuffle2 #TheSAS2024 thesascon.com 👀

Remember, #TheSAS2024 equals #TopAPTresearch! Take Boris Larin (@oct0xor) — his previous SAS talks were featured in the Washington Post, New York Times, and Forbes. Watching the video below, you might suspect this team of researchers found something groundbreaking to justify their long trip to Bali. Wanna join? 🎉 Agenda + tickets: kas.pr/6pyu

The 2024 edition of @TheSAScon, the premier global conference for cybersecurity experts and threat analysts, will take place from October 22nd to 25th, 2024 in Bali, Indonesia. av-comparatives.org/thesascon-2024… #TheSAS2024

When time travel was invented in 2170, more than 20 billionaires applied for a wormhole trip back to 2024 to have their younger selves submit applications to join #TheSAS2024. Don't repeat their mistakes and make your older self pay for this outrageously expensive time travel. ✈️ Buy a ticket to SAS and enjoy a fun and educational experience! Hurry up, seats are running out! kas.pr/6pyu

🚧 Alexander Liskin, @0x1ffffffffffff, Head of Threat Research chez @kasperskyfrance commente sur la panne informatique mondiale sur les systèmes Windows. 📰 @20Minutes & @afpfr 20minutes.fr/high-tech/4102…

Thank you all for your support❤️! I think we did a good job of capturing, analyzing and disclosing the Operation Triangulation. We also wanted to get the bounty for the bugs used against us and use it for good - donate it to charity. Pwnie Awards are only discrediting themselves.

The story of how CrowdStrike released an update on a Friday and brought down thousands, tens of thousands, or maybe even hundreds of thousands of computers around the world. Find out the details here: kas.pr/kdp3

You wouldn't see this with any of our products (just sayin.) 🤷

The Security Analyst Summit (SAS) is the conference you don't want to miss this year. Only two weeks left until Call For Papers ends!