Super Hero like Speed on DXL
Speed and Agility Superheroes are part of the lore of American culture — the thought of a human being acquiring superhuman powers such as flight, invisibility, or breathing underwater has always been intriguing to many. The thought of speed and agility is one of those sets of powers that has caught a lot of attention — the ability […]

How Security Products are Tested – Part 1
The demand for tests appeared almost simultaneously with the development of the first antivirus programs – in the mid-to-late 1990s. Demand created supply: test labs at computer magazines started to measure the effectiveness of security solutions with the help of self-made methodologies, and later an industry of specialized companies emerged with a more comprehensive approach […]

Mobile apps and stealing a connected car
The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. The case in point is not only multimedia systems (music, maps, and films are available on-board in modern luxury cars) but also car key systems in both literal and figurative senses. By using […]

Do web injections exist for Android?
Web injection attacks There’s an entire class of attacks that targets browsers – so-called Man-in-the-Browser (MITB) attacks. These attacks can be implemented using various means, including malicious DLLs, rogue extensions, or more complicated malicious code injected into pages in the browser by spoofing proxy servers or other ways. The purpose of an MITB attack may […]

Kaspersky Security Bulletin 2016. The ransomware revolution
Introduction In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses. The numbers speak for themselves: 62 new ransomware families made their appearance. There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to […]

Kaspersky Security Bulletin 2016. Story of the year
Introduction In 2016, ransomware continued its rampage across the world, tightening its hold on data and devices, and on individuals and businesses. The numbers speak for themselves: 62 new ransomware families made their appearance. There was an 11-fold increase in the number of ransomware modifications: from 2,900 new modifications in January/March, to […]

Malicious code and the Windows integrity mechanism
Introduction Ask any expert who analyzes malicious code for Windows which system privileges malware works with and wants to acquire and, without a second thought, they’ll tell you: “Administrator rights”. Are there any studies to back this up? Unfortunately, I was unable to find any coherent analysis on the subject; however, it is never too […]

Kaspersky Security Bulletin. Predictions for 2017
Yet another year has flown past and, as far as notable infosec happenings are concerned, this is one for the history books. Drama, intrigue and exploits have plagued 2016 and, as we take stock of some of the more noteworthy stories, we once again cast our gaze forward to glean the shapes […]

How Intel Security Made a Manufacturing Company’s Interconnected Security Dream a Reality
Thomas Langer, Head of IT security for the German-based industrial packaging group MAUSER, needed a comprehensive security solution to protect his company’s intricate infrastructure. His one requirement: the solution must help them to share threat intelligence among all endpoints and networks, across 80 locations worldwide. That same threat intelligence would then be automatically analyzed and […]

Defense Evolved: From Threat Intelligence, to Investigation, to Orchestration with DXL
In my last post, I discussed the attributes of our adversaries, the drivers behind their activities, and their recent attack methodologies. I also discussed the threat defense efficacy curve, which illustrates how cyber defense capabilities decline in efficacy over time as attackers develop countermeasures to evade them. My FOCUS 16 keynote last week also explained […]

IT threat evolution Q3 2016. Statistics
Statistics All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide […]

Intel Security Innovation Alliance 2016 DEVCON Awards
Innovation and enthusiasm fuel the Intel Security Innovation Alliance program, and we are excited to see that our partners are actively pursuing opportunities to integrate their products with our technologies to extend our open, connected ecosystem. Every year at the Intel Security Innovation Alliance Developers Conference (SIA DEVCON)—which takes place in conjunction with the Intel […]

The Rise and Fall of Encryptor RaaS
by Stephen Hilt and Fernando Mercês Back in July 2015, a new ransomware as a service named “Encryptor RaaS” (detected by Trend Micro as RANSOM_CRYPRAAS.SM) entered the threat scene, rivaling or at least expecting to succeed the likes of similar get-rich-quick schemes from Tox and ORX Locker. The newcomer appeared to be a dark horse: […]

Gugi: from an SMS Trojan to a Mobile-Banking Trojan
In the previous article, we described the mechanisms used by Trojan-Banker.AndroidOS.Gugi.c to bypass a number of new Android 6 security features. In this article, we review the entire Gugi mobile-banking Trojan family in more detail. The use of WebSocket by Gugi The mobile-banking Trojan family, Trojan-Banker.AndroidOS.Gugi is interesting due to its use of the WebSocket […]

IT threat evolution in Q2 2016. Statistics
All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide participate […]

IT threat evolution in Q2 2016. Overview
Targeted attacks and malware campaigns Cha-ching! Skimming off the cream Earlier in the year, as part of an incident response investigation, we uncovered a new version of the Skimer ATM malware. The malware, which first surfaced in 2009, has been re-designed. So too have the tactics of the cybercriminals using […]

More information
- Microsoft Git for Visual Studio CVE-2019-1349 Remote Code Execution Vulnerability
- Microsoft discloses security breach of customer support database
- Why it makes sense for Apple to join the ‘Fediverse’
- Police arrest man in UK over US Defense Department network intrusion
- Trump’s national security pick is a cybersecurity hawk
- Japan’s Alsok to launch warning system for unwelcome drones
- Is Amazon hacking our apps? Or doing us all a security favour?
- 13 tech luminaries we lost in 2020
- How Twitter Survived Its Biggest Hack—and Plans to Stop the Next One
- Leaked Credentials Service Shuts Down