Latest news with #KasperskySecurityNetwork
Morocco World
17-04-2025
- Business
- Morocco World
Kaspersky: Morocco Ranks High Among Top Targets for Cyberattacks in Africa
Doha – Cybersecurity giant Kaspersky has revealed Morocco ranks among Africa's most frequently targeted countries for digital attacks. The findings, presented at GITEX Africa 2025 — which concluded yesterday in Marrakech — draw attention a surge in threats across the continent. The report, based on anonymized data from Kaspersky Security Network, places Morocco third among African countries facing web-based threats, with 12.6 million attack attempts documented in 2024. Kenya tops the list with nearly 20 million incidents, while South Africa follows with approximately 17 million. Web threats targeting African businesses jumped 1.2% compared to 2023, with over 131.5 million total threats detected regionwide this year. On-device threats have climbed 4% in African organizations since last year. Morocco features prominently among countries experiencing this increase, alongside Senegal, Nigeria, South Africa, and Ethiopia. Data theft threats have spiked dramatically across the continent. Spyware attacks on African businesses surged 14% between 2023 and 2024, while password stealer detections soared by 26%. Kenya, Morocco, and South Africa recorded the highest number of password-stealing attempts, followed by Tanzania, Namibia, Uganda, and Senegal. 'Africa's rapid digital expansion has brought significant opportunities, but it has also exposed the continent to a growing array of cyberthreats,' warns Maher Yamout, Lead Cybersecurity Researcher with Kaspersky's Global Research and Analysis Team. Yamout pointed to hybrid work arrangements and rushed digitization as key vulnerabilities in the business sector. 'The continuing shift toward hybrid work models and the rush to digitize operations — often outpacing cybersecurity investments — may leave African businesses exposed to advanced persistent threats,' he explained. Experts warn of systemic risks The report emerges amid Morocco's most serious cybersecurity crisis in years. The National Social Security Fund (CNSS) recently suffered a devastating breach that exposed the salary information of approximately 2 million individuals across 500,000 companies. The Algerian hacking group 'JabaRoot DZ' claimed responsibility for the attack. The breach triggered an unprecedented security lockdown across government digital infrastructure. Multiple ministries and public administrations shut down their online platforms as a preventive measure. The direct housing assistance platform closed first, followed by websites for the Ministry of Education, General Secretariat of Government, and the Mediator Institution. Morocco's tax department also suspended its digital services. Morocco's Center for Monitoring, Detection and Response to Computer Attacks identified the source as a critical security flaw in the WordPress 'SureTriggers' module, widely used by institutional websites. This vulnerability allows hackers to bypass security protocols and access sensitive data. The danger lies in its ability to create automatic interconnections with hundreds of third-party applications like Google, Facebook, Slack, and Gmail, giving cybercriminals access to sophisticated chain attacks. The CNSS incident has sparked intense debate about cybersecurity governance in Morocco. Security experts argue the breach likely resulted from both human error and technical vulnerabilities. Many government agencies still use outdated operating systems from 2011, which no longer receive security updates and leave networks highly vulnerable to attack. The Maghreb country has also experienced a wave of retaliatory attacks, including distributed denial-of-service (DDoS) campaigns. Most recently, the Algerian group DDOS54 launched what they described as a 'major campaign' against Moroccan government systems, affecting several ministerial websites including the Agriculture Ministry portal and the national tax portal. Security experts recommend government institutions implement regular penetration testing, with at least 50 tests performed every six months. They also advocate establishing a national cybersecurity center to work alongside the existing General Directorate of Information Systems Security (DGSSI) to better coordinate Morocco's digital defenses. Despite these challenges, Morocco ranks relatively well in global cybersecurity standings. The country is classified among 'vigilant actors' in the fight against financial crime according to the 2025 Global Economic and Financial Crime Index, placing 75th out of 177 countries with a score of 2.14 points. For organizations, Kaspersky recommends keeping all software updated, limiting exposure of remote desktop services, implementing comprehensive endpoint detection solutions, utilizing threat intelligence, and maintaining regular data backups. 'Organizations in Africa should prioritize a unified approach by enhancing collaboration, investing in specialized cybersecurity training, and promoting digital literacy to effectively combat the rising tide of cybercrime,' Yamout concluded. Read also: Morocco Ranks Among Top Five Arab Nations in Global Cybersecurity Index 2024 Tags: cyberattacksCybersecurity in MoroccoGITEX Africa 2025Kaspersky
Biz Bahrain
12-04-2025
- Biz Bahrain
Kaspersky Research Sandbox 3.0: more power, less hardware
Kaspersky has launched a major update to Kaspersky Research Sandbox, introducing version 3.0 with advanced capabilities for deeper file analysis, interactive threat investigation, and significantly reduced hardware requirements. Designed for security teams and threat researchers, the enhanced solution provides more flexibility, efficiency, and cost-effectiveness in detecting and analyzing modern cyber threats. Kaspersky Research Sandbox has been developed directly out of the company's in-lab sandboxing complex, a technology that's been evolving for over two decades. It incorporates all the knowledge about malware behaviors acquired through continuous threat research, allowing Kaspersky to detect over 400,000 new malicious objects every day. One of the key advancements in Kaspersky Research Sandbox 3.0 is the introduction of visual interaction during sample detonation (VNC). This feature enables security analysts to interact with the execution environment in real time, monitor malware behavior as it unfolds, and run investigation tools to uncover additional threat details. This deeper level of analysis enhances the ability to detect sophisticated threats that adapt to traditional sandboxing methods. The updated sandbox now also offers the option to work with Kaspersky Security Network (KSN) as an alternative to Kaspersky Private Security Network (KPSN). This flexibility provides a more cost-effective and faster deployment option which is particularly useful for pilot projects. Additionally, this change reduces hardware requirements by half, making the solution more accessible for organizations with limited resources. To address the growing use of obfuscation techniques in modern attacks, Kaspersky Research Sandbox 3.0 now incorporates Microsoft AMSI (Antimalware Scan Interface) output. This integration significantly improves detection of packed and obfuscated scripts, including malicious PowerShell activity, a tactic increasingly exploited by threat actors. Further improving threat intelligence capabilities, the update introduces extended static analysis. By examining key file attributes such as strings, headers, sections, import and export tables and entropy graphs for executable files, analysts gain critical insights into malware characteristics, even for operating systems not yet supported for dynamic analysis, such as macOS. Alongside these technological enhancements, the user interface has been completely redesigned to improve usability and streamline the research process. The enhanced System Activities page now offers improved visualization, allowing analysts to filter reports and focus only on relevant malicious processes. The History table search function makes it easier to retrieve previous analysis results, helping security teams quickly resume investigations. 'With Kaspersky Research Sandbox 3.0, we're providing security teams with even more extensive analysis capabilities, greater visibility and control over malware behavior and a significantly decreased entry threshold for organizations with limited hardware resources. Built on over two decades of malware research, Kaspersky Research Sandbox combines our deep threat analysis expertise with cutting-edge technology. It empowers security teams with professional interactive malware investigation tool with even deeper analysis and optimized performance – now with twice lowered hardware requirements,' comments Boris Storonkin, Threat Intelligence Product Manager at Kaspersky. For more information about Kaspersky Research Sandbox 3.0, please visit the link.
Zawya
11-04-2025
- Business
- Zawya
14% increase in spyware attacks on businesses in Africa: Kaspersky presents a cyberthreat report at GITEX Africa
As part of the company's participation at the GITEX Africa conference, taking place in Morocco on 14-16 April 2025, Kaspersky ( will address the dynamics for cyberthreats in the African region as per the latest anonymised data from the Kaspersky Security Network (KSN)[1]. From 2023 to 2024 businesses in Africa were targeted by web threats, on-device threats, and attacks aiming to steal data, including spyware and password stealers. Phishing and ransomware continue to be significant threats in the region, with 66 million phishing link clicks seen by Kaspersky in the African region in 2024, including over 14.8 million phishing link clicks by corporate users. Web-based threats, or online threats, are a category of cybersecurity risks that may cause an undesirable event or action affecting users browsing the Internet. According to Kaspersky data, there were 131 580 587 web threats detected in 2024 in the African region, including almost 20 million attack attempts in Kenya, almost 17 million in South Africa, and 12.6 million in Morocco. Businesses were targeted by web threats more often in 2024 than in 2023, with threat detections increasing by 1.2%. Local (on device) threats include malware that is spread via removable USB drives, CDs and DVDs, or that initially makes way onto the computer in non-open form (for example, programs in complex installers, encrypted files, etc.). According to Kaspersky telemetry, local (on device) threat detections in organisations in the African region in 2024 increased by 4% compared to 2023. Among the countries that saw growth in local threats detected in organisations were Nigeria (169% increase), Ethiopia (86%), South Africa (32%), Senegal (11%), and Morocco (9%). There has been a spike of threats related to data theft. According to Kaspersky data, there was a 14% growth in spyware attack detections on businesses in the African region from 2023 to 2024. Spyware is secretly installed on a user's computer to monitor their actions and collect their data. Apart from that, there has been a 26% increase in password stealer detections. Password stealers are a type of malware designed to harvest login credentials and other sensitive data. 'Our statistics show an increase in attack detections for several types of cyberthreats, and the factors driving these increases are multifaceted. In the B2B sector, the continuing shift toward hybrid work models and the rush to digitise operations — often outpacing cybersecurity investments — may leave businesses in Africa exposed to advanced persistent threats. In the B2C space, the explosion of digital financial services, coupled with low digital literacy rates, makes individuals prime targets for opportunistic attacks,' comments Maher Yamout, Lead Cybersecurity Researcher with Kaspersky Global Research and Analysis Team. 'Organisations in Africa should prioritise a unified approach by enhancing collaboration, investing in specialised cybersecurity training, and promoting digital literacy to effectively combat the rising tide of cybercrime. Initiatives like the African Cyber Surge operation and targeted educational programs can serve as blueprints for building a resilient digital ecosystem across the continent.' To stay protected, Kaspersky suggests following the recommendations below. Individual users: Do not download and install applications from untrusted sources. Do not click on any links from unknown sources or suspicious online advertisements. Always use two-factor authentication when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help to remember them. Always install updates when they become available; they contain fixes for critical security issues. Ignore messages asking to disable security systems for office or cybersecurity software. Use a robust security solution appropriate to your system type and devices, such as Kaspersky Premium ( Organi s ations: Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities. Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them. Use solutions such as Kaspersky NEXT EDR Expert ( for comprehensive visibility across all endpoints on a company's corporate network to get superior defense, automate routine EDR tasks, enable analysts to speedily hunt out, prioritise, investigate, and neutralise complex threats and APT-like attacks. Use the latest Threat Intelligence ( information to stay aware of actual TTPs used by threat actors. Back up corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed. The Kaspersky stand at GITEX Africa ( in Morocco will be located in Hall 13, 13C-20, while a keynote titled ' When AI/ML fails in cybersecurity, humans are the last line of defense ' will take place at the Dark Stage on April 15 at 2:10 PM. Distributed by APO Group on behalf of Kaspersky. For further information please contact: Nicole Allman INK&Co. ( nicole@ Follow us: Facebook: X: YouTube: Instagram: Blog: About Kaspersky: Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at
Tahawul Tech
11-04-2025
- Tahawul Tech
Kaspersky Research Sandbox 3.0: more power, less hardware
Kaspersky has launched a major update to Kaspersky Research Sandbox, introducing version 3.0 with advanced capabilities for deeper file analysis, interactive threat investigation, and significantly reduced hardware requirements. Designed for security teams and threat researchers, the enhanced solution provides more flexibility, efficiency, and cost-effectiveness in detecting and analysing modern cyber threats. Kaspersky Research Sandbox has been developed directly out of the company's in-lab sandboxing complex, a technology that's been evolving for over two decades. It incorporates all the knowledge about malware behaviours acquired through continuous threat research, allowing Kaspersky to detect over 400,000 new malicious objects every day. One of the key advancements in Kaspersky Research Sandbox 3.0 is the introduction of visual interaction during sample detonation (VNC). This feature enables security analysts to interact with the execution environment in real time, monitor malware behaviour as it unfolds, and run investigation tools to uncover additional threat details. This deeper level of analysis enhances the ability to detect sophisticated threats that adapt to traditional sandboxing methods. The updated sandbox now also offers the option to work with Kaspersky Security Network (KSN) as an alternative to Kaspersky Private Security Network (KPSN). This flexibility provides a more cost-effective and faster deployment option which is particularly useful for pilot projects. Additionally, this change reduces hardware requirements by half, making the solution more accessible for organizations with limited resources. To address the growing use of obfuscation techniques in modern attacks, Kaspersky Research Sandbox 3.0 now incorporates Microsoft AMSI (Antimalware Scan Interface) output. This integration significantly improves detection of packed and obfuscated scripts, including malicious PowerShell activity, a tactic increasingly exploited by threat actors. Further improving threat intelligence capabilities, the update introduces extended static analysis. By examining key file attributes such as strings, headers, sections, import and export tables and entropy graphs for executable files, analysts gain critical insights into malware characteristics, even for operating systems not yet supported for dynamic analysis, such as macOS. Alongside these technological enhancements, the user interface has been completely redesigned to improve usability and streamline the research process. The enhanced System Activities page now offers improved visualisation, allowing analysts to filter reports and focus only on relevant malicious processes. The History table search function makes it easier to retrieve previous analysis results, helping security teams quickly resume investigations. 'With Kaspersky Research Sandbox 3.0, we're providing security teams with even more extensive analysis capabilities, greater visibility and control over malware behaviour and a significantly decreased entry threshold for organisations with limited hardware resources. Built on over two decades of malware research, Kaspersky Research Sandbox combines our deep threat analysis expertise with cutting-edge technology. It empowers security teams with professional interactive malware investigation tool with even deeper analysis and optimised performance – now with twice lowered hardware requirements', comments Boris Storonkin, Threat Intelligence Product Manager at Kaspersky. For more information about Kaspersky Research Sandbox 3.0, please visit the link.
