Security Researcher, Global Research & Analysis Team
Jornt works as a local security expert for the BeNeLux region in Kaspersky’s Global Research and Analysis Team (GReAT). During his time at the company, Jornt has managed several different high-profile projects. For instance, he helped the Dutch police with the Coinvault case, which led to the arrest of two malware authors. After this success, Jornt was a driving force behind the NoMoreRansom project. Together with various law enforcement agencies, he identified several servers that held cryptographic keys of ransomware victims. As a result, more than 35,000 people got their files back without paying the criminals and the action prevented millions of dollars going into the pockets of criminals. Jornt also speaks at national and international conferences, is a regular media commentator and, alongside his malware research, offers malware reverse engineering training. Before joining Kaspersky in 2014, Jornt worked as a researcher/developer for Security Matters. Whilst he was there, he implemented and designed detection modules for Intrusion Detection Systems that operate in an Industrial Control System (ICS) environment. Prior to that, Jornt worked as a security consultant for Digidentity, where he improved existing products by creating new software and cryptographic algorithms. He has also worked as a consultant at the Rijkswaterstaat Security Operations Center (the governmental institution responsible for roads and water management), where he was actively involved in securing ICS environments.
Kaspersky provides information on the activity and TTPs of the BlindEagle APT, a group that targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.
We have prepared this report to share advanced intelligence for dealing with Asian APT groups.
We found a UEFI firmware image infected with a malicious implant, which is the subject of this investigation. To the best of our knowledge, this is the second known case in which malicious UEFI firmware used by a threat actor has been detected.
RevengeHotels is a malware-based cybercrime campaign targeting hotels, hostels and tourism and hospitality companies located mainly, but not exclusively, in Brazil. We have confirmed that more than 20 hotel brands have fallen victim.