
Category: Security Feeds

Security Feeds, Cybercrime, Security technology, Security conference

Why master YARA: from routine to extreme threat hunting cases. Follow-up

On the 3rd of September, we hosted our “Experts Talk. Why master YARA: from routine to extreme threat hunting cases”, in which several experts from our Global Research and Analysis Team and invited speakers shared their best practices on YARA usage. At the same time, we also presented our new online training covering some ninja secrets of using YARA to hunt for targeted attacks and APTs. Here is a brief summary of the agenda from that webinar: Tips and insights on efficient threat hunting…

Security Feeds, APT, Industrial threats, Vulnerabilities and exploits, Vulnerability Statistics

Threat landscape for industrial automation systems. H1 2020 highlights

Overall downward trend for percentages of attacked computers globally. Beginning in H2 2019 we have observed a tendency for decreases in the percentages of attacked computers, both in the ICS and in the corporate and personal environments. In H1 2020 the percentage of ICS computers on which malicious objects were blocked decreased by 6.6 percentage points to 32.6%. The number was highest in Algeria (58.1%), and lowest in Switzerland (12.7%). Despite the overall tendency for the percentages of attacked computers to decrease, we…

Security Feeds, Internet of Things

Looking for sophisticated malware in IoT devices

One of the motivations for this post is to encourage other researchers who are interested in this topic to join in, to share ideas and knowledge and to help build more capabilities in order to better protect our smart devices. Research background. Smart watches, smart home devices and even smart cars – as more and more connected devices join the IoT ecosystem, the importance of ensuring their security becomes patently obvious. It’s widely known that the smart devices which are now inseparable parts of…

Security Feeds, APT, Publications, Featured, Vulnerabilities and exploits, Cyber espionage, Targeted Attacks

An overview of targeted attacks and APTs on Linux

Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there’s a widely held opinion that Linux is a secure-by-default operating system that isn’t susceptible to malicious code. It’s certainly true that Linux hasn’t faced the deluge of viruses, worms and Trojans faced by those running Windows systems over the years. However, there is certainly malware for Linux – including PHP…

RDP, Security Feeds, Malware Statistics, Publications, Featured, Malicious spam, Thematic phishing

Digital Education: The cyberrisks of the online classroom

This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning, it became clear that many were not ready for the kind of full-time, digital education now needed. Not all students had the technology that was required, from laptops to…

Security Feeds, Malware Statistics, Featured, Mobile Malware, Malware reports, Trojan Banker, Trojan-Dropper, Stalkerware, SMS Trojan

IT threat evolution Q2 2020. Mobile statistics

IT threat evolution Q2 2020. Review
IT threat evolution Q2 2020. PC statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures. According to Kaspersky Security Network, the second quarter saw: 1,245,894 detected malicious installers, of which 38,951 packages were related to mobile banking trojans; 3,805 packages proved to be mobile ransomware trojans; a total of 14,204,345 attacks on mobile devices were blocked. Quarterly highlights. In summing up the results of the…

Security Feeds, Malware Statistics, Financial malware, Internet of Things, Featured, Vulnerabilities and exploits, Malware reports, Miner, Apple MacOS, Vulnerability Statistics, Trojan-Dropper

IT threat evolution Q2 2020. PC statistics

IT threat evolution Q2 2020. Review
IT threat evolution Q2 2020. Mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures. According to Kaspersky Security Network, in Q2: Kaspersky solutions blocked 899,744,810 attacks launched from online resources in 191 countries across the globe. As many as 286,229,445 unique URLs triggered Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the…

RDP, Security Feeds, Malware Descriptions, Featured, Targeted Attacks, Malware Technologies, Malware reports, exploit kits

IT threat evolution Q2 2020

IT threat evolution Q2 2020. PC statistics
IT threat evolution Q2 2020. Mobile statistics

Targeted attacks. PhantomLance: hiding in plain sight. In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps in Google Play and elsewhere. Dr Web first reported the malware in July 2019, but we decided to investigate because the Trojan was more sophisticated than most malware for stealing money…

Security Feeds, Featured, Vulnerabilities and exploits, Malware Technologies, Zero-day vulnerabilities, Microsoft Windows

Operation PowerFall: CVE-2020-0986 and variants

In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the exploit for Internet Explorer in the original blog post, we also promised to share more details about the elevation of privilege exploit in a follow-up post. Let’s take a look at vulnerability CVE-2020-0986, how it was exploited by…