Head of Threat Research, Kaspersky
As Head of the Threat Research team, Alexander leads top experts in protection from cyberthreats and is responsible for organizing and conducting research aimed at obtaining valuable cyber threat intelligence. The expertise gained from this research provides the foundation for the further development of Kaspersky's cybersecurity solutions, enabling instant response to new threats and providing reliable protection against them across all platforms. Alexander joined Kaspersky in 2006 as a malware analyst in the Packed Objects Analysis Group. In this role he acquired great experience in reverse engineering and software development. In 2013, he became a leader in the Heuristic Detection Group and, several years later, the group’s manager. The division provided generic detections for all kinds of threats and developed malware detection methods. As a lead malware analyst, Alexander designed and developed a number of technologies that currently form the basis of Kaspersky’s anti-virus engine. In 2018, Alexander became Head of the Heuristic Detection and Vulnerability Research Team. The team was responsible for heuristic and generic malware detection, developing new threat protection technologies, static and dynamic exploit detection, vulnerability assessment and patch management, packed objects analysis and format parsers. In 2019, Alexander became Head of Anti-Malware Research. In this position he worked on improving threat detection, creating new technologies for protection against advanced threats, and developing current malware detection mechanisms. Alexander graduated with honors from the Department of Mechanics and Mathematics at Moscow State University.
Kaspersky provides information on the activity and TTPs of the BlindEagle APT, a group that targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other countries in Latin America.
We have prepared this report to share advanced intelligence for countering Asian APT groups.
We found a UEFI firmware image infected with a malicious implant, which is the subject of this research. To the best of our knowledge, this is the second known case in which malicious UEFI firmware used by a threat actor has been detected.
RevengeHotels is a malware-based cybercrime campaign targeting hotels, hostels, and tourism and hospitality companies located mainly, but not only, in Brazil. We have confirmed that more than 20 hotel brands have fallen victim.