Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal
Kaspersky is a cybersecurity software provider whose endpoint tools and security advisories shape how organizations detect and respond to attacks.
Search across headline titles and summaries.
Background for this topic.
Kaspersky is a cybersecurity vendor whose software protects endpoints and servers through malware detection, behavioral monitoring, web and application controls, and centralized administration. Its threat-intelligence research and detection content are also used to identify campaigns, indicators of compromise, and malicious files. News under this tag commonly concerns product vulnerabilities, detection capabilities, advisories, and the handling of customer or threat data.
Deployments matter because endpoint agents operate with extensive privileges and inspect files, processes, network traffic, and sometimes sensitive content. A flaw in an agent, management console, update mechanism, or communication channel could therefore enable local or remote compromise, depending on exposure and configuration; administrators should track vendor advisories, patch promptly, and restrict management access. Organizations must also assess telemetry collection, data residency, and applicable procurement or regulatory restrictions before deployment. During an investigation, Kaspersky detections can provide useful evidence, but analysts should validate alerts and preserve independent forensic data rather than treating a single product verdict as definitive.
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users