Patch Tuesday: Fixes for LNK, SMB, and SharePoint Bugs
This month’s Patch Tuesday had the highest number of entries so far in 2020 — a whopping 129, a continuation of the trend seen from the previous months. The update includes fixes for LNK, SMB, SharePoint, and Win32k vulnerabilities. While the update contained a significant number of patches, only 11 were rated Critical. One of […]

Big threats using code similarity. Part 1
Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience. You can read more about KTAE in our official press release, or go directly to its […]

Looking at Big Threats Using Code Similarity. Part 1
Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience. You can read more about KTAE in our official press release, or go directly to its […]

Does PC Cleaning Improve Performance?
If you would like to maintain or restore the performance of your PC, cleaning it is a task you don’t want to overlook. In addition to boosting the speed of your PC, cleaning it on a regular basis also helps protect your personal information and identity from criminals. Cleaning your PC frees up storage space […]

Cycldek: Bridging the (air) gap
Key findings: While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into its latest activities […]

The zero-day exploits of Operation WizardOpium
Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the […]

Spam and phishing in Q1 2020
Quarterly highlights: Don’t get burned. Burning Man is one of the most eagerly awaited events among fans of spectacular performance and installation art. The main obstacle to attending is the price of admission: a standard ticket will set you back $475, the number is limited, and the buying process is a challenge all by itself […]

IT threat evolution Q1 2020
Targeted attacks and malware campaigns. Operation AppleJeus: the sequel. In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted […]

IT threat evolution Q1 2020. Statistics
These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures: According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognized as malicious by Web Anti-Virus components. […]

Cloud configuration drift leaves organizations open to attack, research finds
Many organizations are automating their cloud infrastructure deployments through code. This allows them to establish a secure configuration baseline early in their DevOps lifecycle, but the security posture of most cloud resources later drifts due to undocumented changes that often remain undetected. […]

Good Malware Protection Doesn’t Need to Slow You Down!
Good malware protection doesn’t need to slow you down! “Security software slows down my PC.” This is a comment that is often heard when talking about malware protection on computers and laptops. While this may be true for many security products, even including the security software that is built into the Windows operating system, this […]

Netwalker Fileless Ransomware Injected via Reflective Loading
By Karen Victor. Threat actors are continuously creating more sophisticated ways for malware to evade defenses. We have observed Netwalker ransomware attacks that involve malware that is not compiled, but written in PowerShell and executed directly in memory and without storing the actual ransomware binary into the disk. This makes this ransomware variant a fileless […]

Cyberthreats on lockdown
Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, […]

May Patch Tuesday: More Fixes for SharePoint, TLS, Runtime, and Graphic Components Released
This month’s Patch Tuesday includes 111 fixes for Microsoft. Of the 111 vulnerabilities, 16 have been rated Critical while the rest have been ranked Important. Four of the vulnerabilities rated as Important for this release were disclosed by the Zero Day Initiative (ZDI): two for remote code execution (RCE) and two for escalation of privileges. […]

Shipping Giant Toll Confirms Hackers Stole Data in Recent Attack
After initially claiming that it had found no evidence of data being stolen as a result of the recently disclosed ransomware attack, Australian shipping giant Toll admitted on Tuesday that the attackers did manage to steal some data.

DDoS attacks in Q1 2020
News overview: Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web — people worldwide are now working, studying, shopping, and having fun online like never before. This is reflected in the goals of recent DDoS attacks, with the most targeted resources in Q1 being websites of […]

More information
- Firefox 14 gets kudos for security
- Know Your Audience When Speaking to Security Practitioners
- ANGEL archive scheduled for October 9
- Bugs in Lego Resale Site Allowed Hackers to Hijack Accounts
- Update: WebAccess Maintenance: Certificate Replacement
- SSCC 183 – It’s Data Privacy Day! Do something! [PODCAST]
- Microsoft ChakraCore Scripting Engine CVE-2018-8543 Remote Memory Corruption Vulnerability
- FBI Warns of Spoofed IC3 Website
- PCI DSS – Why it works
- UK’s NCSC Adopts HackerOne for Vulnerability Coordination Disclosure