Applied YARA training Q&A
Introduction On August 31, 2021 we ran a joint webinar between VirusTotal and Kaspersky, with a focus on YARA rules best practices and real world examples. If you didn’t have the chance to watch the webinar live, you can see it as a recording on Brighttalk: Applied YARA training. During the webinar we received an […] more…QakBot technical analysis
Main description QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a decade. It was found in the wild in 2007 and since then it has been continually maintained and developed. In recent years, QakBot has become one of the leading banking Trojans around the globe. Its […] more…Gaming-related cyberthreats in 2020 and 2021
The video game industry is soaring, not in the least thanks to the lockdowns, which forced people to look for new ways to entertain themselves and socialize. Even with things going back to normal, gaming is expected to have a very bright future. Newzoo estimates the industry to gross 175.8 billion USD in 2021, which […] more…4 Viral Apps Risking Your Personal & Smartphone Security
Mobile phones have gone through an incredible transformation since their inception in the 1970s. Now, the sheer number of applications is dizzying, as are their privacy policies; however, smartphone apps can bring hours of fun and belly laughs, and occasionally, a viral app captures the world’s attention. Don’t let potential risks to your personal information safety ruin all smartphone apps for you. All you need to share and play safely is a […] more…Chipotle’s Marketing Account Hacked: Protect Yourself From Phishing Lures
Over the past few years, food delivery apps have made it easy for people to get their favorite cuisines brought to their doorsteps. In 2020, consumers grew more accustomed to the convenience of ordering take-out when dining in at restaurants was no longer an option. But as we look ahead into 2022, this trend is here to stay. According to a new report by ResearchAndMarkets, the global online […] more…IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive. This was first thought to […] more…IT threat evolution in Q2 2021. PC statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, in Q2 2021: Kaspersky solutions blocked 1,686,025,551 attacks from online resources across the globe. Web antivirus recognized 675,832,360 unique URLs as malicious. Attempts to run malware for stealing money […] more…XLSM Malware with MacroSheets
Excel-based malware has been around for decades and has been in the limelight in recent years. During the second half of 2020, we saw adversaries using Excel 4.0 macros, an old technology, to deliver payloads to their victims. They were mainly using workbook streams via the XLSX file format. In these streams, adversaries were able to enter code straight into cells (that’s why they were called macro-formulas). Excel 4.0 also used API level functions like […] more…Spam and phishing in Q2 2021
Quarterly highlights The corporate sector In Q2 2021, corporate accounts continued to be one of the most tempting targets for cybercriminals. To add to the credibility of links in emails, scammers imitated mailings from popular cloud services. This technique has been used many times before. A fake notification about a Microsoft Teams meeting or a request […] more…7 Safety Tips to Schooling in a Digital World
This fall, many students are headed back-to-school full time. However, just as workplaces now accommodate for remote work, schools are accommodating hybrid learning environments. While this may signal the end of things like snow days, it’s also created a new, more flexible style of learning that relies on computers, online connectivity, and apps to connect students with teachers and learning resources. It’s also a trend that’s […] more…APT trends report Q2 2021
For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They […] more…DDoS attacks in Q2 2021
News overview In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord […] more…What is a VPN and Can it Hide My IP Address?
There’s a lot of misinformation about Virtual Private Networks, what they do, and the security benefits they offer. For this article, I’d like to do some myth-busting about how a VPN actually works and why you should use one. What is a VPN and how does it protect me? A VPN is an app that you install on your device to help keep your personal data safe as you browse the internet You may […] more…How to Secure Your Smart Home: A Step-by-Step Guide
How many rooms in your home contain a smart device? From Peloton bikes to showerheads with Bluetooth speakers, smart home technology is rapidly making its way into every room in every household. In fact, the number of smart households (those that contain smart home technology) in the U.S. is expected to grow to 77.05 million by 2025. But with new technology comes new challenges. Many product designers rush to get their smart devices to market, […] more…Managed Detection and Response in Q4 2020
Download full report (PDF) As cyberattacks become more sophisticated, and security solutions require more resources to analyze the huge amount of data gathered every day, many organizations feel the need for advanced security services that can deal with this growing complexity in real time, 24/7. This article contains some analytical findings from Managed Detection and […] more…COVID-19 Vaccine Passports: 5 Security Tips for You and Your Family
Depending on where your travels take you, you might need a new passport—a COVID-19 vaccine passport. In an effort to kickstart travel and local economies, these so-called vaccine passports are more accurately a certificate. Such a “passport” can offer proof that the holder has been fully vaccinated against the virus, and there are several of these passports developing in the wings. With all of this in motion, I wanted to give families a look at […] more…More information
- Update: Faculty Activity Insights (FAIS) Update – August 28
- Bill would force patent trolls to pay defendants’ legal bills
- Washington DC’s surveillance cameras hacked… to send spam
- Did Facebook’s emotion experiment break the law? ICO probes
- Man in Austria Used Legos to Hack Amazon’s Kindle E-Book Security
- Google Released Second Fix for Quick Share Flaws After Patch Bypass
- Not so safe: Security software can put computers at risk
- virustotal += Blueliv URL scanner
- Nvidia’s $40B deal for Arm could affect Apple
- Microsoft Warns of Exploited Exchange Server Zero-Day