Lucene search
K
SecurelistRecent

1025 matches found

Securelist
Securelist
added 2017/12/18 10:0 a.m.14 views

Jack of all trades

Nowadays, it's all too easy to end up with malicious apps on your smartphone, even if you're using the official Google Play app store. The situation gets even worse when you go somewhere other than the official store – fake applications, limited security checks, and so on. However, the spread of...

7.2AI score
Exploits0
Securelist
Securelist
added 2017/12/14 10:0 a.m.44 views

Kaspersky Security Bulletin. Overall statistics for 2017

All the statistics used in this report were obtained using Kaspersky Security Network KSN, a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213...

6.8AI score
Exploits0
Securelist
Securelist
added 2017/12/12 10:0 a.m.16 views

Still Stealing

Two years ago in October 2015 we published a blogpost about a popular malware that was being distributed from the Google Play Store. Over the next two years we detected several similar apps on Google Play, but in October and November 2017 we found 85 new malicious apps on Google Play that are...

7.4AI score
Exploits0
Securelist
Securelist
added 2017/12/06 9:0 a.m.27 views

Cybercriminals vs financial institutions in 2018: what to expect

Introduction – key events in 2017 2017 was a year of great changes in the world of cyberthreats facing financial organizations. Firstly, in 2017 we witnessed a continuation of cyberattacks targeting systems running SWIFT — a fundamental part of the world's financial ecosystem. Attackers were able...

7.2AI score
Exploits0
Securelist
Securelist
added 2017/12/05 10:0 a.m.30 views

Kaspersky Security Bulletin: Review of the Year 2017

Introduction The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so. To reflect on the impact these events had on organizations and individuals, and consider what they could mean for the overall evolution of the threat...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/11/28 10:0 a.m.20 views

Kaspersky Security Bulletin: Story of the year 2017

Download the Kaspersky Security Bulletin: Story of the year 2017 Introduction: what we learned in 2017 In 2017, the ransomware threat suddenly and spectacularly evolved. Three unprecedented outbreaks transformed the landscape for ransomware, probably forever. The attacks targeted businesses and...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/11/27 10:0 a.m.16 views

IoT lottery: finding a perfectly secure connected device

Black Friday and Cyber Monday are great for shopping. Vendors flood the market with all kinds of goods, including lots of exciting connected devices that promise to make our life easier, happier and more comfortable. Being enthusiastic shoppers just like many other people around the world, at...

7.8AI score
Exploits0
Securelist
Securelist
added 2017/11/23 10:0 a.m.44 views

Android commercial spyware

There's certainly no shortage of commercial spying apps for Android, with most positioned as parental control tools. In reality, however, these apps barely differ from spyware, with the exception perhaps of the installation method. There's no need to even resort to Tor Browser or other darknet...

7.1AI score
Exploits0
Securelist
Securelist
added 2017/11/21 10:0 a.m.50 views

Threat Predictions for Connected Life in 2018

Download the Kaspersky Security Bulletin: Threat Predictions for Connected Life in 2018 Introduction: To be awake is to be online The average home now has around three connected computers and four smart mobile devices. Hardly surprising, considering that 86 per cent of us check the Internet sever...

7.8AI score
Exploits0
Securelist
Securelist
added 2017/11/17 10:0 a.m.41 views

Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

Introduction The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber Monday in late November as well as Christmas in December, now accounts for a significant share of annual sales for retailers, particularly in the U.S., Europe and APAC. Those selling clothing,...

6.6AI score
Exploits0
Securelist
Securelist
added 2017/11/16 10:0 a.m.516 views

Investigation Report for the September 2014 Equation malware detection incident in the US

Background In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee's home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities ...

10CVSS9.4AI score0.9941EPSS
Exploits251
Securelist
Securelist
added 2017/11/15 10:2 a.m.38 views

Threat Predictions for Cryptocurrencies in 2018

The landscape in 2017 Today, cryptocurrency is no longer only for computer geeks and IT pros. It's starting to affect people's daily life more than they realize. At the same time, it is fast becoming an attractive target for cybercriminals. Some cyberthreats have been inherited from e-payments,...

7.1AI score
Exploits0
Securelist
Securelist
added 2017/11/15 10:2 a.m.31 views

Threat Predictions for Financial Services and Fraud in 2018

The landscape in 2017 In 2017 we've seen fraud attacks in financial services become increasingly account-centric. Customer data is a key enabler for large-scale fraud attacks and the frequency of data breaches among other successful attack types has provided cybercriminals with valuable sources o...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/11/15 10:2 a.m.29 views

Threat Predictions for Connected Health in 2018

The landscape in 2017 In 2017, Kaspersky Lab research revealed the extent to which medical information and patient data stored within the connected healthcare infrastructure is left unprotected and accessible online for any motivated cybercriminal to discover. For example, we found open access to...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/11/15 10:2 a.m.53 views

Threat Predictions for Automotive in 2018

The landscape in 2017 Modern cars are no longer just electro-mechanical vehicles. With each generation, they become more connected and incorporate more intelligent technologies to make them smarter, more efficient, comfortable and safe. The connected-car market is growing at a five-year compound...

7.3AI score
Exploits0
Securelist
Securelist
added 2017/11/15 10:1 a.m.84 views

Kaspersky Security Bulletin: Threat Predictions for 2018

Download the Kaspersky Security Bulletin: Threat Predictions for 2018 Introduction As hard as it is to believe, it's once again time for our APT Predictions. Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new even...

7.2AI score
Exploits0
Securelist
Securelist
added 2017/11/15 10:0 a.m.45 views

Threat Predictions for Industrial Security in 2018

The landscape in 2017 2017 was one of the most intense in terms of incidents affecting the information security of industrial systems. Security researchers discovered and reported hundreds of new vulnerabilities, warned of new threat vectors in ICS and technological processes, provided data on...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/11/14 9:41 a.m.530 views

APT Trends report Q3 2017

Introduction Beginning in the second quarter of 2017, Kaspersky's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports in an effort to make the public aware of what research we have been conducting. This report serves as the next...

9.3CVSS8.2AI score0.99933EPSS
Exploits29
Securelist
Securelist
added 2017/11/10 10:45 a.m.1376 views

IT threat evolution Q3 2017. Statistics

Q3 figures According to KSN data, Kaspersky Lab solutions detected and repelled 277,646,376 malicious attacks from online resources located in 185 countries all over the world. 72,012,219 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that ai...

10CVSS8.6AI score0.99933EPSS
Exploits88
Securelist
Securelist
added 2017/11/10 10:9 a.m.70 views

IT threat evolution Q3 2017

Targeted attacks and malware campaigns Re-enter the dragon In July, we reported on the recent activities of a targeted attack group called 'Spring Dragon' also known as LotusBlossom, whose activities data back to 2012. Spring Dragon makes extensive use of spear-phishing and watering-hole attacks...

7.6AI score
Exploits0
Securelist
Securelist
added 2017/11/08 10:0 a.m.46 views

Using legitimate tools to hide malicious code

The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a trusted process. Typically, malware that uses concealment techniques injects its code into a system process, e.g...

7.2AI score
Exploits0
Securelist
Securelist
added 2017/11/06 10:0 a.m.59 views

DDoS attacks in Q3 2017

News Overview In the third quarter of 2017, the trends of the preceding quarters continued to develop further. The number of DDoS attacks in China, the United States, South Korea and Russia increased, which were reflected in the statistics we gathered for botnets. A sharp surge in the number more...

7.1AI score
Exploits0
Securelist
Securelist
added 2017/11/03 10:0 a.m.2213 views

Spam and phishing in Q3 2017

Quarterly highlights Blockchain and spam Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking about launching their own currencies, and graphics cards are swept off the shelves as soon a...

9.3CVSS7.9AI score0.99933EPSS
Exploits29
Securelist
Securelist
added 2017/11/01 11:26 a.m.59 views

Silence – a new Trojan attacking financial organizations

More information about the Silence Trojan is available to customers of Kaspersky Intelligence Reporting Service. Contact: [email protected] In September 2017, we discovered a new targeted attack on financial institutions. Victims are mostly Russian banks but we also found infected...

7.4AI score
Exploits0
Securelist
Securelist
added 2017/10/31 9:0 a.m.80 views

Tales from the blockchain

Cryptocurrency has gradually evolved from an element of a new world, utopian economy to a business that has affected even those sectors of society least involved in information technology. At the same time, it has acquired a fair number of "undesirable" supporters who aim to enrich themselves at...

7AI score
Exploits0
Securelist
Securelist
added 2017/10/30 9:0 a.m.1652 views

Gaza Cybergang – updated activity in 2017:

1. Summary information The Gaza cybergang is an Arabic-language, politically-motivated cybercriminal group, operating since 2012 and actively targeting the MENA Middle East North Africa region. The Gaza cybergang's attacks have never slowed down and its typical targets include government...

9.3CVSS8.6AI score0.99933EPSS
Exploits29
Securelist
Securelist
added 2017/10/26 9:0 a.m.468 views

Analyzing an exploit for СVE-2017-11826

The latest Patch Tuesday 17 October brought patches for 62 vulnerabilities, including one that fixed СVE-2017-11826 – a critical zero-day vulnerability used to launch targeted attacks – in all versions of Microsoft Office. The exploit for this vulnerability is an RTF document containing a DOCX...

9.3CVSS7.7AI score0.81454EPSS
Exploits3
Securelist
Securelist
added 2017/10/24 6:16 p.m.315 views

Bad Rabbit ransomware

UPDATE 27.10.2017. Decryption opportunity assessment. File recovery possibility. Verdicts What happened? On October 24th we observed notifications of mass attacks with ransomware called Bad Rabbit. It has been targeting organizations and consumers, mostly in Russia but there have also been report...

4.3CVSS7.5AI score0.99693EPSS
Exploits22
Securelist
Securelist
added 2017/10/24 9:0 a.m.129 views

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We're talking here about...

7AI score
Exploits0
Securelist
Securelist
added 2017/10/17 9:0 a.m.110 views

ATM malware is being sold on Darknet market

Disclaimer and warning ATM systems appear to be very secure, but the money can be accessed fairly easily if you know what you are doing. Criminals are exploiting hardware and software vulnerabilities to interact with ATMs, meaning they need to be made more secure. This can be achieved with the he...

7.3AI score
Exploits0
Securelist
Securelist
added 2017/10/16 2:28 p.m.720 views

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: [email protected] Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the...

10CVSS9.5AI score0.99344EPSS
Exploits28
Securelist
Securelist
added 2017/10/10 9:0 a.m.76 views

ATMii: a small but effective ATM robber

While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list - Backdoor.Win32.ATMii...

7.2AI score
Exploits0
Securelist
Securelist
added 2017/10/04 10:0 a.m.48 views

The Festive Complexities of SIGINT-Capable Threat Actors

To read the full paper and learn more about this, refer to "Walking in Your Enemy's Shadow: When Fourth-Party Collection Becomes Attribution Hell" Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt manipulation have proven enough...

7.4AI score
Exploits0
Securelist
Securelist
added 2017/09/28 12:0 p.m.18 views

Threat Landscape for Industrial Automation Systems in H1 2017

Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team Kaspersky Lab ICS CERT publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017. All statistical data used in this report was collected using the Kaspersk...

6.8AI score
Exploits0
Securelist
Securelist
added 2017/09/25 12:23 p.m.188 views

A simple example of a complex cyberattack

We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious...

9.3CVSS9.3AI score0.9679EPSS
Exploits1
Securelist
Securelist
added 2017/09/19 10:0 a.m.279 views

A Modern Hypervisor as a Basis for a Sandbox

In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment or vice versa, to protect against the exploitation of vulnerabilities, and to analyze malicious code. At Kaspersky Lab, we have several sandboxes, including an...

9.3CVSS10AI score0.86053EPSS
Exploits2
Securelist
Securelist
added 2017/09/18 9:0 a.m.84 views

An (un)documented Word feature abused by attackers

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. However, a clo...

6.7AI score
Exploits0
Securelist
Securelist
added 2017/09/13 9:0 a.m.40 views

Connected Medicine and Its Diagnosis

Medical data is slowly but surely migrating from paper mediums to the digital infrastructure of medical institutions. Today, the data is "scattered" across databases, portals, medical equipment, etc. In some cases, the security of the network infrastructure of such organizations is neglected, and...

7AI score
Exploits0
Securelist
Securelist
added 2017/09/12 9:0 a.m.51 views

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabiliti...

7AI score
Exploits0
Securelist
Securelist
added 2017/09/07 9:10 a.m.71 views

Satoshi Bomb

Let us discuss what defines the profitability of bitcoin mining, what principles for mining speed adaptation were initially embedded into it, and why these principles can lead to the failure of the cryptocurrency in the long run. We assume that the reader has an idea of basic Bitcoin mechanics su...

7AI score
Exploits0
Securelist
Securelist
added 2017/08/31 11:0 a.m.58 views

Dissecting the Chrome Extension Facebook malware

It's been a few days since Kaspersky Lab's blog post about the Multi Platform Facebook malware that was spread through Facebook Messenger. At the same time as Kaspersky Lab were analyzing this threat, a few researchers where doing the same, including Frans Rosén, Security Advisor at Detectify...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/08/30 2:43 p.m.66 views

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. Much of the contents of that report are reproduced here. WhiteBear is a parallel project or second stage of the Skipper...

7.3AI score
Exploits0
Securelist
Securelist
added 2017/08/29 9:0 a.m.40 views

Jimmy Nukebot: from Neutrino with love

"You FOOL! This isn't even my final form!" In one of our previous articles, we analyzed the NeutrinoPOS banker as an example of a constantly evolving malware family. A week after publication, this Neutrino modification delivered up a new malicious program classified by Kaspersky Lab as...

7.3AI score
Exploits0
Securelist
Securelist
added 2017/08/25 9:45 a.m.68 views

Neutralization reaction

Incident Response Guide PDF Despite there being no revolutionary changes to the cyberthreat landscape in the last few years, the growing informatization of business processes provides cybercriminals with numerous opportunities for attacks. They are focusing on targeted attacks and learning to use...

6.8AI score
Exploits0
Securelist
Securelist
added 2017/08/24 9:0 a.m.59 views

WAP-billing Trojan-Clickers on rise

During the preparation of the "IT threat evolution Q2 2017" report I found several common Trojans in the "Top 20 mobile malware programs" list that were stealing money from users using WAP-billing - a form of mobile payment that charges costs directly to the user's mobile phone bill so they don't...

7.3AI score
Exploits0
Securelist
Securelist
added 2017/08/24 8:37 a.m.41 views

New multi platform malware/adware spreading via Facebook Messenger

One good thing about having a lot of Facebook friends is that you simply act as a honey pot when your friends click on malicious things. A few days ago I got a message on Facebook from a person I very rarely speak to, and I knew that something fishy was going on. After just a few minutes analyzin...

7AI score
Exploits0
Securelist
Securelist
added 2017/08/22 9:0 a.m.1271 views

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware –...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Securelist
Securelist
added 2017/08/17 9:0 a.m.55 views

Booking a Taxi for Faketoken

The Trojan-Banker.AndroidOS.Faketoken malware has been known about for already more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. The authors of its newer modifications continue to upgrade the malware,...

6.8AI score
Exploits0
Securelist
Securelist
added 2017/08/15 6:0 p.m.61 views

ShadowPad in corporate networks

ShadowPad, part 2: Technical Details PDF In July 2017, during an investigation, suspicious DNS requests were identified in a partner's network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of financial transactions. Furth...

7.5AI score
Exploits0
Securelist
Securelist
added 2017/08/15 9:0 a.m.149 views

IT threat evolution Q2 2017

Targeted attacks and malware campaigns Back to the future: looking for a link between old and new APTs This year's Security Analyst Summit SAS included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and King's College London present...

9.3CVSS7.2AI score0.50703EPSS
Exploits0
Total number of security vulnerabilities1025