Understanding Code Signing Abuse in Malware Campaigns
Using a machine learning system, we analyzed 3 million software downloads, involving hundreds of thousands of internet-connected machines, and provide insights in this three-part blog series. In the first part of this series, we took a closer look at unpopular software downloads and the risks they pose to organizations. We also briefly mentioned the problem […] more…CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App
by Jason Gu and Seven Shen Just about anyone can appreciate a good old meme GIF every now and then, but what if one caused your Android Messages to crash? A denial-of-service vulnerability we recently disclosed to Google can do exactly that and more. Designated as CVE-2017-0780, we’ve confirmed it to be in the latest […] more…Lurk: Retracing the Group’s Five-Year Campaign
by Fyodor Yarochkin and Vladimir Kropotov (Senior Threat Researchers) Fileless infections are exactly what their namesake says: they’re infections that don’t involve malicious files being downloaded or written to the system’s disk. While fileless infections are not necessarily new or rare, it presents a serious threat to enterprises and end users given its capability to […] more…Results of PoC Publishing
Dreams of a Threat Actor There are two crucial features of the Android OS protection system: it is impossible to download a file without user’s knowledge on a clean device; it is impossible to initialize installation of a third-party app without user’s knowledge on a clean device. These approaches greatly complicate malware writers’ lives: to […] more…All your creds are belong to us
Download the full report (PDF) With astonishing annual revenues of over a hundred billion dollars, the gaming industry has in the past been compared to Hollywood’s burgeoning business, repeatedly demonstrating the influence behind its ever expanding and loyal fan base. Having an endless list of “big hit” video-games coexisting peacefully with humble but still fun-filled […] more…“All your creds are belong to us”
Download the full report (PDF) With astonishing annual revenues of over a hundred billion dollars, the gaming industry has in the past been compared to Hollywood’s burgeoning business, repeatedly demonstrating the influence behind its ever expanding and loyal fan base. Having an endless list of “big hit” video-games coexisting peacefully with humble but still fun-filled […] more…Attack on Zygote: a new twist in the evolution of mobile threats
The main danger posed by apps that gain root access to a mobile device without the user’s knowledge is that they can provide access to far more advanced and dangerous malware with highly innovative architecture. We feared that Trojans obtaining unauthorized superuser privileges to install legitimate apps and display advertising would eventually start installing malware. […] more…Kaspersky Security Bulletin. Spam and phishing in 2015
Download PDF The year in figures According to Kaspersky Lab, in 2015 The proportion of spam in email flows was 55.28%, which is 11.48 percentage points lower than in 2014. 79% of spam emails were no more than 2 KB in size. 15.2% of spam was sent from the US. 146,692,256 instances that triggered the […] more…More information
- And you you thought you were safe behind your laptop screen…
- Senators Push to Reform Police’s Cellphone Tracking Tools
- Verizon to introduce SDN security feature later this month
- NASA CIO allows HPE contract to expire, refuses to sign-off on authority to operate
- TrueCrypt Provides Good Data Protection: Audit
- Hardware Move – Multiple Services Unavailable – January 9, 2014
- Intel beefs up open source Raspberry Pi challenger and slashes price
- Apple blames leaked nude celebrity photos on ‘targeted attack’
- 13 Year-Old Configuration Flaw Impacts Most SAP Deployments
- OpenAI to Offer Remedies to Resolve Italy’s ChatGPT Ban