Fake Ransomware Infection Spooks Website Owners
Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND 0.1 BITCOIN” were sitting at 6 last week and increased to 291 at the time of writing this. Upon visiting their website webmasters have been met with an alarming message: SITE ENCRYPTED […]

Streaming wars continue — what about cyberthreats?
Last year became a banner year for the online entertainment industry. Driven by the pandemic lockdown restrictions and imposed work-from-home policies, people got to spend more time at home looking for replacements for familiar sources of entertainment. While theatres and sports stadiums suffered from a lack of live events, other businesses, like online streaming services, […]

DDoS attacks in Q3 2021
News overview: Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. A team of researchers from the University of Maryland and the University of Colorado Boulder found a way to spoof the victim’s IP address over TCP. To date, amplification attacks have mostly been carried out […]

Spam and phishing in Q3 2021
Quarterly highlights. Scamming championship: sports-related fraud. This summer and early fall saw some major international sporting events. The delayed Euro 2020 soccer tournament was held in June and July, followed by the equally delayed Tokyo Olympics in August. Q3 2021 also featured several F1 Grand Prix races. There was no way that cybercriminals and profiteers could […]

How we took part in MLSEC and (almost) won
This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition (MLSEC) — a series of trials testing contestants’ ability to create and attack machine learning models. The event is comprised of two main challenges — one for attackers, and the other for defenders. The attacker challenge was split into two tracks — […]

Introducing VirusTotal MSSP Program: Differentiate and become indispensable with preventive capabilities
Today we are excited to announce our VirusTotal MSSP partner program, providing partners a competitive advantage to differentiate and enrich their security offering with world-class crowdsourced intelligence. Before we continue, you can find full information of the program on our program website, and we invite you to attend our kick-off webinar next November 17th, 5pm […]

Extracting type information from Go binaries
During the 2021 edition of the SAS conference, I had the pleasure of delivering a workshop focused on reverse-engineering Go binaries. The goal of the workshop was to share basic knowledge that would allow analysts to immediately start looking into malware written in Go. A YouTube version of the workshop was released around the same […]

APT trends report Q3 2021
For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They […]

Russian-speaking cybercrime evolution: What changed from 2016 to 2021
Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that […]

Trickbot module descriptions
Trickbot (aka TrickLoader or Trickster), is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially the theft of online banking data. However, over time, its […]

Google Keep cheat sheet: How to get started
Google Keep lets you create notes and to-do lists that sync across your computer and phone or tablet. It’s handy in a variety of ways: You can record voice memos, and Keep will transcribe them as text notes. You can include images in your notes, and if text is shown in an image, the image […]

Ransomware in the CIS
Introduction: These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. In 2020–2021, with the outbreak of the pandemic and the emergence of several major cybercriminal groups (Maze, REvil, Conti, DarkSide, Avaddon), an entire criminal ecosystem took shape, leading to a mounting worldwide wave of attacks on large organizations with pockets […]

What’s in the latest Firefox update? 93 improves SmartBlock, debuts sponsored search suggestions
Mozilla this week updated Firefox to version 93, which now blocks downloads over insecure connections, improves the browser’s anti-tracking prowess and introduces Firefox Suggest, the newest way the company will try to earn revenue. The organization’s security engineers also patched seven vulnerabilities, four marked “High,” Firefox’s second-most-serious label. The majority of those vulnerabilities were in […]

Ransomware in a global context
Today we are proud to announce our very first VirusTotal Ransomware Activity Report. This initiative is designed to help researchers, security practitioners and the general public better understand the nature of ransomware attacks by sharing VirusTotal’s visibility. We are also organizing a series of webinars describing the main findings of our research, so please join […]

Suit Blames Baby’s Death on Cyberattack at Alabama Hospital
An Alabama woman whose 9-month-old daughter died has filed suit against the hospital where she was born claiming it did not disclose that its computer systems had been crippled by a cyberattack, which resulted in diminished care that resulted in the baby’s death.

Why Can’t We Automate Everything?
You can’t automate every business process. While I love automation and promote the concept, I know its limitations. This viewpoint needs to be recognized and observed as more security officials implement automation within their organizations. I’d estimate that for most enterprises, the first 80 percent of migrating and integrating processes to automation is easy to […]

More information
- Strong security of Apple Pay exposes weakness in banking system
- New point-of-sale malware Multigrain steals card data over DNS
- Microsoft Windows Kernel CVE-2017-0050 Local Privilege Escalation Vulnerability
- Outlook “mail issues” phishing – don’t fall for this scam!
- Who is SophosLabs: James Wyke, Senior Threat Researcher
- Facebook Blocks 115 Accounts on Eve of US Election
- How to Fix “Not Secure” Warnings and SSL Issues in WordPress (8 Steps)
- Top 5 email security best practices to prevent malware distribution
- ‘Machete’ Cyberspies Target Military in Venezuela, Ecuador
- Norsk Hydro Restoring Systems, But Not Paying Ransom