Bug Alert! All 330 Million Twitter Users Need to Change Their Passwords Immediately
Tweet, tweet! No, that’s not a bird you’re hearing outside your window, that’s Twitter kindly reminding you to change your password immediately. And that goes for every single user, as it was discovered just today, on World Password Day no less, that all 330 million Twitter users need to change their passwords to their accounts […] more…How To Protect Today’s Smart Home
We love our kids, and we want the best for them. In today’s connected world, the role of a parent includes deciding how much to let technology impact our kids’ lives. Sometimes that role involves the choice to either disconnect more so our little ones can develop without too much tech influence, or to take […] more…Kaspersky Security Bulletin 2016. The ransomware revolution
Download the PDF Introduction In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses. The numbers speak for themselves: 62 new ransomware families made their appearance. There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to […] more…Kaspersky Security Bulletin 2016. Story of the year
Download the PDF Introduction In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses. The numbers speak for themselves: 62 new ransomware families made their appearance. There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to […] more…One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild
Recently, Google researchers discovered a local privilege escalation vulnerability in Windows which was being used in zero-day attacks, including those carried out by the Pawn Storm espionage group. Microsoft was able to release a patch by the next Patch Tuesday, November 8. This entry provides a complete analysis of the vulnerability based on samples acquired […] more…Patch Tuesday of November 2016: Six Critical Bulletins, Eight Important
November is the second-to-last Patch Tuesday of 2016, and it brings a slightly higher than typical number of bulletins: six Critical bulletins and eight Important bulletins. The 8th is the earliest date that Patch Tuesday can take place in a month; December’s Patch Tuesday (and the last of 2016) takes place in exactly five weeks. Among the […] more…Together is Power: FOCUS 16 and the Future of Cybersecurity
I led last week’s FOCUS 16 conversation with a simple question – “Are we safer together, or apart?” It was a powerful way to begin my keynote, and you can safely presume the answer I gave on behalf of all of us at Intel Security: cybersecurity outcomes are best when we work together. Together is […] more…Kaspersky DDOS intelligence report for Q3 2016
Q3 events Cybercrime as a Service In the last few months the scale of the global ‘Cybercrime as a Service’ infrastructure has been revealed – fully commercialized, with DDoS as one of the most popular services capable of launching attacks the likes of which have never seen before in terms of volume and technological complexity. […] more…Boo! The Spookiest Mobile Hacks of 2016
Endless candy, an excuse to dress up as a character from your favorite comic book, and carving pumpkins with family… What’s not to love about Halloween? But witches, ghosts, and goblins aren’t the only things to fear this time of year. This Halloween, there’s a different kind of spooky story—mobile hacks. Mobile security threats are […] more…Windows zero-day exploit used in targeted attacks by FruityArmor APT
A few days ago, Microsoft published the “critical” MS16-120 security bulletin with fixes for vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. One of the vulnerabilities – CVE-2016-3393 – was reported to Microsoft by Kaspersky Lab in September 2016. Here’s a bit of background on how this zero-day was discovered. […] more…Spam and phishing in Q2 2016
Download the full report (PDF) Spam: quarterly highlights The year of ransomware in spam Although the second quarter of 2016 has only just finished, it’s safe to say that this is already the year of ransomware Trojans. By the end of Q2 there was still a large number of emails with malicious attachments, most of […] more…Operation Ghoul: targeted attacks on industrial and engineering organizations
Introduction Kaspersky Lab has observed new waves of attacks that started on the 8th and the 27th of June 2016. These have been highly active in the Middle East region and unveiled ongoing targeted attacks in multiple regions. The attackers try to lure targets through spear phishing emails that include compressed executables. The malware collects […] more…IT threat evolution in Q2 2016. Overview
Download the full report (PDF) Targeted attacks and malware campaigns Cha-ching! Skimming off the cream Earlier in the year, as part of an incident response investigation, we uncovered a new version of the Skimer ATM malware. The malware, which first surfaced in 2009, has been re-designed. So too have the tactics of the cybercriminals using […] more…KSN Report: Mobile ransomware in 2014-2016
Part 1. KSN Report: PC ransomware in 2014-2016 Download PDF version Statistics The activity of mobile ransomware, although not as widely covered in the media as PC ransomware, also skyrocketed over the period covered by this report. Especially in the second half. Fig. 12: The number of users encountering mobile ransomware at least once in […] more…IT threats during the 2016 Olympic Games in Brazil
Olympic threats designed to trick you Are you planning to visit Brazil during the Olympic Games? Or watch it online? In this blog post we discuss the threats to visitors aiming to travel to Brazil to watch the games and to those planning to watch it online. In the first part we’ll talk about phishing […] more…Spam and phishing in Q1 2016
Spam: features of the quarter Trending: dramatic increase in volume of malicious spam The first quarter of 2016 saw a dramatic increase in the number of unsolicited emails containing malicious attachments. Over the last two years the number of email antivirus detections on computers with a Kaspersky Lab product installed fluctuated between 3 and 6 […] more…More information
- Adobe Plugs Security Holes in Acrobat, Reader Software
- Google Boosts Detection of Malicious Documents in Gmail
- Malware Wastes Paper, Triggers Printing and Ads
- Breached American Airlines Email Accounts Abused for Phishing
- VirusTotal += Tencent
- OpenSSH Patches Vulnerabilities Allowing MitM, DoS Attacks
- Veracode Buys Longbow Security for Automated Root Cause Analysis Tech
- Will World War III begin in cyberspace?
- Companies Respond to ‘Downfall’ Intel CPU Vulnerability
- Hacker Falsely Claiming to Breach FireEye Arrested, CEO Says