Stop using password manager browser extensions
It’s been over a year since I presented on LostPass at ShmooCon, and in that time, many more bugs have been found in password managers. The most severe of which are in browser-based password managers extensions such as LastPass. Tavis Ormandy yesterday demonstrated a remote code execution on the latest LastPass version. This isn’t the […] more…TorrentLocker Changes Attack Method, Targets Leading European Countries
The TorrentLocker ransomware, which has been in a lull as of late, has recently come back with new variants (Detected by Trend Micro as Ransom_CRYPTLOCK.DLFLVV, Ransom_CRYPTLOCK.DLFLVW, Ransom_CRYPTLOCK.DLFLVS and Ransom_CRYPTLOCK.DLFLVU). These new variants are using a delivery mechanism that uses abused Dropbox accounts. This new type of attack is in line with our 2017 prediction that […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…Breaking The Weakest Link Of The Strongest Chain
Around July last year, more than a 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ command and control server. In addition, the compromised devices were pushed Trojan updates, which allowed the attackers to extend their capabilities. The operation remains active at the […] more…Tracking the Decline of Top Exploit Kits
The latter half of 2016 saw a major shift in the exploit kit landscape, with many established kits suddenly dropping operations or switching business models. Angler, which has dominated the market since 2015, suddenly went silent. We tracked 3.4 million separate Angler attacks on our clients in the first quarter of 2016, and the rate […] more…Updated Sundown Exploit Kit Uses Steganography
This year has seen a big shift in the exploit kit landscape, with many of the bigger players unexpectedly dropping out of action. The Nuclear exploit kit operations started dwindling in May, Angler disappeared around the same time Russia’s Federal Security Service made nearly 50 arrests last June, and then in September Neutrino reportedly went […] more…Home Routers: Mitigating Attacks that can Turn them to Zombies
by Kevin Y. Huang, Fernando Mercês and Lion Gu With more households running smart devices that access the internet, the router is typically their only doorkeeper. And whether an end user has a laptop/desktop and router combo, or a miscellany of other devices connected to the network, the security risks are the same. Based on […] more…Businesses as Ransomware’s Goldmine: How Cerber Encrypts Database Files
Possibly to maximize the earning potential of Cerber’s developers and their affiliates, the ransomware incorporated a routine with heavier impact to businesses: encrypting database files. These repositories of organized data enable businesses to store, retrieve, sort, analyze, and manage pertinent information. When utilized effectively they help maintain the organization’s efficiency, so holding these mission-critical files […] more…Spam and phishing in Q3 2016
Download the full report (PDF) Spam: quarterly highlights Malicious spam Throughout 2016 we have registered a huge amount of spam with malicious attachments; in the third quarter, this figure once again increased significantly. According to KSN data, in Q3 2016 the number of email antivirus detections totaled 73,066,751. Most malicious attachments contained Trojan downloaders that […] more…SQLi, XSS zero-days expose Belkin IoT devices, Android smartphones
LONDON, UK – Research director Scott Tenaglia and lead research engineer Joe Tanen detailed the vulnerabilities during their ‘Breaking BHAD: Abusing Belkin Home Automation devices’ talk at the Black Hat Europe conference in London last Friday. The zero-day flaws specifically relate to Belkin’s smart home products and accompanying Android mobile application, which is used to […] more…IT threat evolution Q3 2016. Statistics
Download the full report (PDF) Statistics All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide […] more…Untangling the Ripper ATM Malware
Last August , security researchers released a blog discussing a new ATM malware family called Ripper which they believe was involved in the recent ATM attacks in Thailand. Large numbers of ATMs were also temporarily shut down as a precautionary measure. That analysis gave an overview of the techniques used by the malware, the fact that it targets three major ATM vendors, and […] more…A malicious pairing of cryptor and stealer
We have already seen some cryptor attacks where malicious programs with different functions have been used in combination. For example, one version of the Shade cryptor checks victim computers for signs of accounting activity; if it finds any, it doesn’t encrypt the files, but instead installs remote control tools in the infected system. The bot […] more…The Hunt for Lurk
In early June, 2016, the Russian police arrested the alleged members of the criminal group known as Lurk. The police suspected Lurk of stealing nearly three billion rubles, using malicious software to systematically withdraw large sums of money from the accounts of commercial organizations, including banks. For Kaspersky Lab, these arrests marked the culmination of […] more…Spam and phishing in Q2 2016
Download the full report (PDF) Spam: quarterly highlights The year of ransomware in spam Although the second quarter of 2016 has only just finished, it’s safe to say that this is already the year of ransomware Trojans. By the end of Q2 there was still a large number of emails with malicious attachments, most of […] more…IT threat evolution in Q2 2016. Statistics
Download the full report (PDF) All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide participate […] more…More information
- Facebook Nabs Russia-Linked Campaign to Fuel US Chaos
- CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death
- 5 reasons not to root Android
- Facebook scans private messages to inflate the "Like" counter on websites
- No Exit: The Case for Moving Security Information Front and Center
- Researchers dismantle decade-long Iranian cyberespionage operation
- Tripwire for Real War? Cyber’s Fuzzy Rules of Engagement
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security"
- DOJ’s charges against China reframe security, surveillance debate
- Apple releases OS X 10.10.1 with Wi-Fi reliability fixes and more