Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
By William Gamazo Sanchez and Joseph C. Chen
In November 2019, we published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed some interesting characteristics: […]

DDoS Attacks in Q4 2018
News overview
In Q4 2018, security researchers detected a number of new botnets, which included not only Mirai clones for a change. The fall saw increased activity on the part of the Chalubo bot, whose first attacks were registered in late August. Although the new malware employs snippets of Mirai code and the same persistence […]

Inside of the WASP’s nest: deep dive into PyPI-hosted malware
In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […]

Celebrate National Download Day With This Safe Downloading Checklist
Happy Download Day! (Yes, there’s a day for that.) Today is an excellent day to share downloading best practices to keep all your devices safe from malicious content. It’s tempting to download “free” shows, movies, and video games, but the consequences of doing so can be quite expensive. All it takes is for one malicious […]

White House Announces Possible Rise in Cyberattacks—What You Can Do to Stay Safe
The White House recently reissued a warning to American businesses in response to the unprecedented economic sanctions the U.S. has imposed on Russia for the Ukraine invasion, stating, “There is now evolving intelligence that Russia may be exploring options for potential cyberattacks.” Along with this statement, the White House published a fact sheet outlining the […]

The Big Reason Why You Should Update Your Browser (and How to Do It)
The humble internet browser. Dutifully taking you the places you want to go online, whether that’s the bank, the store, the movies, or even to work. All the more reason to make sure your browser gets every last bit of protection it can. It’s easy to fire up your browser without a second thought. Arguably, […]

Travel Smart: Protecting Your Family’s Smartphones While on Vacation
Families are hitting the road again. And it’s absolutely no surprise that they’re taking their smartphones with them. Perhaps what is surprising is that so many of them may be hitting the road without any digital or mobile protection. Our recent research shows that 68% of people in the U.S. said that they’re planning to travel for leisure this year, slightly higher than the international average of 64%. However, our research also discovered […]

DDoS attacks in Q1 2021
News overview
Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. Another active bot […]

Mobile malware evolution 2020
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data.
The year in figures
In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans.
Trends of the year
In their campaigns to infect mobile […]

DDoS attacks in Q4 2020
News overview
Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, […]

An overview of targeted attacks and APTs on Linux
Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly true that […]

Understanding Trojan Viruses and How to Get Rid of Them
Basic online scenario—You log onto your computer and notice that something’s just not right, but you can’t quite put your finger on it. Something just seems…a bit off. If you’ve found yourself in this situation, or even thinking you are, there’s a real possibility you […]

Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud
By Lorin Wu (Mobile Threats Analyst)
We recently discovered several malicious optimizer, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious […]

The Top Technology Takeaways From CES 2020
Another Consumer Electronics Show (CES) has come and gone. Every year, this trade show joins practically everyone in the consumer electronics industry to show off the latest and greatest cutting-edge innovations in technology. From bendable tablets to 8k TVs and futuristic cars inspired by the movie “Avatar,” CES 2020 did not disappoint. Here are a […]

Lessons Learned: A Decade of Digital Parenting
Give yourself a high-five, parents. Pour yourself a cup of coffee or your favorite celebratory drink and sip it slow — real slow. Savor the wins. Let go of the misses. Appreciate the lessons learned. You’ve come a long way in the last decade of raising digital kids, and not all of it has been […]

49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play
By Jessie Huang
We recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. These apps are typical adware, hiding themselves within mobile devices to show ads and deploying anti-uninstall and evasion functions. These apps are no longer live but before they were taken down by Google, the total number […]

More information
- Facebook eyes paid Workplace feature expansion, ends free tier
- Trump’s attorney-general choice wants to ‘overcome encryption’
- New Mac malware infects and spreads via Xcode projects
- MacID: How to unlock your Mac using Touch ID
- US schools track teens by putting chips into students’ ID cards
- WannaCry: When the Theoretical Becomes Real
- Google Offers $31,337 for RCE Vulnerabilities
- US law enforcement sought mobile user data more than 1.3 million times in 2011
- Resolved: PASS Server Software Upgrade Scheduled for December 6
- Kinder, gentler hacks: A bevy of low-stakes early computer breaches