Kaspersky KATA 7.0: The next level of targeted attack protection
According to Kaspersky's IT Security Economics 2024 report, an overwhelming majority of organizations report network attacks. Large enterprises lead with 97% reporting an attack, followed by SMEs at 88%, and SMBs at 83%. With this in mind, Kaspersky updates its solutions regularly to ensure businesses are equipped to meet evolving security requirements.
The latest enhancements in KATA 7.0 address key customer challenges by delivering full visibility across IT infrastructure, advanced defense against sophisticated threats, and a streamlined, resource-efficient security solution. The update introduces network telemetry export from Kaspersky Endpoint Security for Windows and Linux, adding one more additional source of network data collection to copy of SPAN traffic, which improves visibility and threat detection.
The introduction of new asset management, network map, and network session table modules, provides SOC analysts with enhanced tools for monitoring and managing network security through graphical representations, advanced filtering, and interactive features. These additions create a complete network inventory and management system.
The updated platform also strengthens internal traffic monitoring with new NDR IDS rules for east-west traffic analysis, improving the detection of lateral movement, data exfiltration and other malicious attempts that could previously have gone unnoticed. Additionally, new risk and anomaly detection capabilities identify hidden threats and potential security vulnerabilities before they escalate into breaches, helping organizations proactively manage cybersecurity risks.
As KATA offers comprehensive security at both the network and endpoint levels, its Endpoint Detection and Response technology, EDR Expert, has also undergone significant updates in version 7.0. The variety of collected telemetry types has been expanded, providing enhanced visibility into an event at endpoints.
Threat hunting search capabilities have also been improved, with search now available across all the events attributes. This enables more effective threat detection and creates more accurate exceptions to minimize false positives. Sigma-rules support has also added with this update meaning it is now possible to find threats according to the condition contained in the Sigma rule in historical data or new events collected from the endpoints.
'With the launch of KATA 7.0, we are reinforcing our commitment to providing enterprises with a fully integrated security solution capable of detecting and mitigating complex threats across both network and endpoint levels,' said Alexander Rumyantsev, Senior Product Manager Cloud & Network Security at Kaspersky. 'These enhanced NDR capabilities, expanded visibility, and real-time intelligence empower organizations to detect and mitigate threats more effectively than ever before.'
For more information about Kaspersky Anti Targeted Attack 7.0, please visit the link.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Zawya
2 days ago
- Zawya
AmiViz extends Kaspersky alliance across GCC following Egypt success
Dubai, UAE: AmiViz, the Middle East's leading cybersecurity-focused value-added distributor, and global cybersecurity leader Kaspersky have announced the expansion of their successful partnership from Egypt into the wider GCC region. This development builds on years of strong collaboration in Egypt, where both companies have empowered partners with robust cybersecurity solutions while addressing a rapidly evolving threat landscape. The partnership in Egypt has proven to be a powerful model of synergy, combining Kaspersky's globally recognized security technologies with AmiViz's partner enablement capabilities and strong distribution network. With a solid foundation of trust, performance, and shared vision, the two companies are now extending their alliance across key GCC markets. 'Our collaboration with Kaspersky in Egypt has demonstrated the true power of partnership, driving growth, innovation, and trust in the cybersecurity space,' said Ilyas Mohammed, COO at AmiViz. 'With our strong partner ecosystem and digital-first approach, we're excited to scale this success across the GCC and deliver even greater value and protection to our customers.' This regional expansion reflects a mutual commitment to strengthening cybersecurity resilience through smarter partner engagement and broader access to cutting-edge solutions. AmiViz will accelerate Kaspersky's reach through its highly evolved distribution model and local expertise, while Kaspersky brings its extensive portfolio of threat intelligence and endpoint security to more organizations. 'As cybersecurity demand continues to grow across the Middle East, we're excited to expand our collaboration with AmiViz into the Gulf region, building on the success of our partnership in Egypt,' said Samer Malak, Head of Channel for Middle East, Turkiye and Africa at Kaspersky. 'Together, we aim to equip our partners with Kaspersky's award-winning portfolio, enabling them to better protect their customers and address evolving cybersecurity needs.' About AmiViz AmiViz is a leading cybersecurity-focused value-added distributor headquartered in the Middle East, with a unique marketplace designed to serve the interests of enterprise resellers and vendors. Our unwavering focus on cybersecurity solutions ensures unparalleled expertise and personalised service for our partners. At AmiViz, cybersecurity isn't an afterthought-it's our core mission. We deliver top-tier products and services that safeguard businesses. Our close collaboration with vendors, resellers, and consultants ensures tailored solutions that address regional challenges. We empower businesses to thrive in a digital world by providing cutting-edge tools, knowledge, and support. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them.
Gulf Business
2 days ago
- Gulf Business
Crypto scam alert: 5 things to know about the new Google Forms fraud, says Kaspersky
Image: Getty Images/ For illustrative purposes Kaspersky researchers have flagged a new scam campaign targeting cryptocurrency users by abusing the legitimacy of Google Forms. Here's what you need to know: 1. The scam starts with a fake Google Forms confirmation Attackers are using Google Forms – a free tool typically used for surveys – to trigger automated confirmation emails. These emails appear to come from Google itself, tricking users into thinking they've received a legitimate crypto transaction alert. The form usually includes only one field: the user's email address. 2. Emails mimic crypto exchange notifications The phishing emails are carefully designed to look like alerts from a cryptocurrency exchange. They mention a pending crypto payout and urge users to click a link before the offer 'expires.' This manufactured urgency pushes recipients to act without verifying the source. 3. Clicking the link takes you to a scam site If the user clicks the link, they land on a website made to resemble a crypto transaction platform. Here, victims are asked to contact so-called 'blockchain support' and make a small commission payment in cryptocurrency to receive the fake transfer. Following this process often leads to loss of funds, as the entire transaction is fabricated. 4. The attack bypasses spam filters using trusted infrastructure Since the email is technically sent from a legitimate Google domain, it often passes through spam filters undetected. This makes the scam harder to identify. The combination of a real Google email address and familiar design elements can deceive even cautious users. 5. Stay vigilant Andrey Kovtun, Email Threats Protection group manager at Kaspersky, warns that 'the campaign demonstrates a cunning exploitation of a trusted platform.' Avoid clicking unexpected links Watch for suspicious details like unfamiliar Google Forms content Use reliable security tools to block fraudulent sites If an email promises free crypto but asks for payment first, it's likely a scam. Users should verify the source and never trust links blindly — even if the sender appears legitimate. Read:
Zawya
5 days ago
- Zawya
Kaspersky reveals SharePoint ToolShell vulnerabilities stem from incomplete 2020 fix
Kaspersky's Global Research and Analysis Team (GReAT) discovered that the recently exploited ToolShell vulnerabilities in Microsoft SharePoint originate from an incomplete fix for CVE-2020-1147, first reported in 2020. The SharePoint vulnerabilities have emerged as a major cybersecurity threat this year amid active exploitation. Kaspersky Security Network showed exploitation attempts worldwide, including in Egypt, Jordan, Russia, Vietnam and Zambia. The attacks target organizations across government, finance, manufacturing, forestry and agriculture sectors. Kaspersky solutions proactively detected and blocked ToolShell attacks before the vulnerabilities were publicly disclosed. Kaspersky GReAT researchers analyzed the published ToolShell exploit and found it alarmingly similar to the 2020 CVE-2020-1147 exploit. This suggests that the CVE-2025-53770 patch is, in fact, an effective fix for the vulnerability that CVE-2020-1147 attempted to address five years ago. The connection to CVE-2020-1147 became evident following the discovery of CVE-2025-49704 and CVE-2025-49706, patched on July 8. However, these fixes could be bypassed by adding a single forward slash to the exploit payload. Once Microsoft learned of active exploitation of these vulnerabilities, they responded with comprehensive patches that addressed potential bypass methods, designating the vulnerabilities as CVE-2025-53770 and CVE-2025-53771. The surge in attacks against SharePoint servers worldwide occurred during the window between initial exploitation and full patch deployment. Despite patches now being available for the ToolShell vulnerabilities, Kaspersky expects attackers will continue exploiting this chain for years to come. "Many high-profile vulnerabilities remain actively exploited years after discovery — ProxyLogon, PrintNightmare and EternalBlue still compromise unpatched systems today. We expect ToolShell to follow the same pattern: its ease of exploitation means the public exploit will soon appear in popular penetration testing tools, ensuring prolonged use by attackers," said Boris Larin, principal security researcher at Kaspersky GReAT. To stay safe, Kaspersky recommends: Organizations using Microsoft SharePoint must apply the latest security patches immediately. This applies to all high-risk vulnerabilities, as even brief exposure can lead to compromise. Deploy cybersecurity solutions that protect against zero-day exploits when patches aren't yet available. Kaspersky Next, with its Behavior Detection component, proactively blocks exploitation of such vulnerabilities. Read the full report on About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at
