MATA: Multi-platform targeted malware framework

As the IT and OT environment becomes more complex, adversaries are quick to adapt their attack strategy. For example, as users’ work environments diversify, adversaries are busy acquiring the TTPs to infiltrate systems. Recently, we reported to our Threat Intelligence Portal customers a similar malware framework that internally we called MATA. The MATA malware framework…

GReAT thoughts: Awesome IDA Pro plugins

The Global Research & Analysis Team here at Kaspersky has a tradition of meeting up once a month and sharing cutting-edge research, interesting techniques and useful tools. We recently took the unprecedented decision to make our internal meetings public for a few months and present them as a series of talks called ‘GReAT Ideas. Powered…

Specify Recovery IP Addresses in Group Replication

Group Replication distributed recovery is one of the key features and until now it was restricted to be executed over one mysql connection point automatic defined on mysql system variables port and host. With group_replication_recovery_endpoints we can specify through which interfaces can group replication recovery take place for a given member so that it controls…