KME A.I CyberSecurity Scoring
KME
Company Information
Website:http://me.kaspersky.com/en/
Employees number:31
Number of followers:14,043
NAICS:541514
Industry Type:Computer and Network Security
Homepage:kaspersky.com
KME Risk Score (AI oriented)
Between 700 and 749
KMEComputer and Network Security
Updated:
26/03/2026
26/03/2026
749/1000
Moderate
Ba
KME Global Score (TPRM)
xxxx
KMEComputer and Network Security
Score locked

KMEModerate
Current Score
749Ba (MODERATE)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
746
JUNE 2026
746
MAY 2026
749
APRIL 2026
749
MARCH 2026
749
FEBRUARY 2026
749
JANUARY 2026
749
DECEMBER 2025
749
NOVEMBER 2025
748
OCTOBER 2025
748
SEPTEMBER 2025
748
AUGUST 2025
748
JUNE 2021
749
Cyber Attack
16 Jun 2021 • KME
European Finance Company and Middle Eastern Government Department: China-linked hackers exploit ToolShell to hit telecom, government networks globally
Chinese Threat Actors Exploit Zero-Day ToolShell Vulnerability in Global Cyber Espionage Campaign
732
CRITICAL-17
ETIKAS1769561687
Chinese Threat Actors Exploit Zero-Day ToolShell Vulnerability in Global Cyber Espionage Campaign
New research from Symantec reveals that China-linked threat actors exploited the recently patched ToolShell vulnerability (CVE-2025-53770) to breach a telecommunications company in the Middle East and government agencies across Africa and South America in July 2025. The attacks, which began just days after Microsoft released patches, highlight the rapid weaponization of zero-day flaws by state-backed cyber operatives.
The campaign involved the deployment of Zingdoor, a Go-based HTTP backdoor previously attributed to the Chinese group Glowworm (Earth Estries/FamousSparrow), and KrustyLoader, a Rust-written malware linked to UNC5221, another China-nexus actor. Additional victims included a state technology agency in Africa, a Middle Eastern government department, and a European finance company. Attackers also leveraged ShadowPad, a modular Trojan, and the Sliver command-and-control framework, often abused for post-exploitation activities.
ToolShell, a critical flaw in on-premise SharePoint servers, allowed unauthenticated remote code execution and full system access. Microsoft confirmed that at least three Chinese groups Budworm (Linen Typhoon), Sheathminer (Violet Typhoon), and Storm-2603 exploited the vulnerability, with Storm-2603 deploying Warlock ransomware in some attacks. A related path traversal bug (CVE-2025-53771) was patched simultaneously.
The attackers used a mix of living-off-the-land binaries (LOLBins) and publicly available tools, including:
- Certutil (file download/decode)
- GoGo Scanner (automated network scanning)
- Revsocks (SOCKS5 proxy for firewall evasion)
- Procdump/Minidump/LsassDumper (credential harvesting)
- PetitPotam (CVE-2021-36942) (LSA spoofing for lateral movement)
Symantec’s investigation found that malicious activity in the Middle Eastern telecom firm began on July 21, 2025, with attackers sideloading Zingdoor via a legitimate Trend Micro binary and later deploying KrustyLoader on July 25. The campaign’s scale suggests mass scanning for vulnerable systems, followed by targeted intrusions for espionage and persistent access.
While overlaps exist with Glowworm’s past operations, Symantec could not conclusively attribute the attacks to a single group, though all evidence points to China-based actors. The incidents underscore the global reach of state-sponsored cyber threats and the urgency of patching critical vulnerabilities even as attackers exploit them within days of disclosure.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for KME ??
What was KME's A.I Rankiteo Cyber Score in June 2026 ??
What was KME's A.I Rankiteo Cyber Score in May 2026 ??
What was KME's A.I Rankiteo Cyber Score in April 2026 ??
What was KME's A.I Rankiteo Cyber Score in March 2026 ??
What was KME's A.I Rankiteo Cyber Score in February 2026 ??
What was KME's A.I Rankiteo Cyber Score in January 2026 ??
What was KME's A.I Rankiteo Cyber Score in December 2025 ??
What was KME's A.I Rankiteo Cyber Score in November 2025 ??
What was KME's A.I Rankiteo Cyber Score in October 2025 ??
What was KME's A.I Rankiteo Cyber Score in September 2025 ??
What was KME's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on KME's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with KME ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view KME's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?