PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Vulnerabilities and exploits

NEW TOOLS

Fud 100% services packages ready for sales

We offer a monthly Crypter service to make your files undetectable encrypted! this is how it works: You zip the files you want to encrypt and send them to our email cybersec@cybeseclabs.com then we will encrypt and make your files/file fud 100% (undetectable by any antivirus) and send them back to your email! We offer 3 packages: Standard Prenium Ultimate All those packages offer some unique futures to encrypt your file!  

Windows10

Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

APTAPT reportsCyber espionageIndustrial threatsSecurity FeedsSofacySpear PhishingTargeted AttacksVulnerabilities and exploits

GreyEnergy’s overlap with Zebrocy

In October 2018, ESET published a report describing a set of activity they called GreyEnergy, which is believed to be a successor to BlackEnergy group. BlackEnergy (a.k.a. Sandworm) is best known, among other things, for having been involved in attacks against Ukrainian energy facilities in 2015, which led to power outages. Like its predecessor, GreyEnergy malware has been detected attacking industrial and ICS targets, mainly in Ukraine. Kaspersky Lab ICS CERT has identified an overlap between GreyEnergy and a Sofacy subset called “Zebrocy”. The…

FeaturedFinancial malwareKaspersky Security BulletinMalware StatisticsMinerSecurity FeedsTrojan BankerVulnerabilities and exploitsVulnerability Statistics

Kaspersky Security Bulletin 2018. Statistics

All the statistics used in this report were obtained using Kaspersky Security Network (KSN), a distributed antivirus network that works with various anti-malware protection components. The data was collected from KSN users who agreed to provide it. Millions of Kaspersky Lab product users from 213 countries and territories worldwide participate in this global exchange of information about malicious activity. All the statistics were collected from November 2017 to October 2018. The year in figures 30 .01% of user computers were subjected to at least…

APTBrowser PluginsCybercrimeData leaksFeaturedFinancial malwareInternet of ThingsKaspersky Security BulletinMobile SecurityOlympic DestroyerSecurity FeedsSmart homeSofacyTargeted AttacksTrojan BankerTurlaVulnerabilities and exploits

Kaspersky Security Bulletin 2018. Top security stories

Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of data, disruption, damage, reputational damage or simply ‘for the lulz’. The result is a threat landscape that ranges from highly sophisticated targeted attacks to opportunistic cybercrime. All too often,…

FeaturedMicrosoft WindowsProof-of-ConceptSecurity FeedsVulnerabilities and exploitsZero-day vulnerabilities

A new exploit for zero-day vulnerability CVE-2018-8589

Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589. In October 2018, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft’s Windows operating system. Further analysis revealed a zero-day vulnerability in win32k.sys. The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the…

FeaturedFinancial malwareInternet of ThingsMalware DescriptionsMalware reportsMalware StatisticsMinerMobile MalwarePOS malwareSecurity FeedsTrojan BankerVulnerabilities and exploits

IT threat evolution Q3 2018. Statistics

These statistics are based on detection verdicts of Kaspersky Lab products received from users who consented to provide statistical data. Q3 figures According to Kaspersky Security Network: Kaspersky Lab solutions blocked 947,027,517 attacks launched from online resources located in 203 countries. 246,695,333 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 305,315 users. Ransomware attacks were registered on the computers of 259,867 unique…

APTFeaturedMicrosoft WindowsProof-of-ConceptSecurity FeedsVulnerabilities and exploitsZero-day vulnerabilities

Zero-day exploit (CVE-2018-8453) used in targeted attacks

Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We reported this vulnerability to Microsoft on August 17, 2018. Microsoft confirmed the vulnerability and designated it CVE-2018-8453. In August 2018 our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft Windows operating system. Further analysis into this case led us to uncover a zero-day vulnerability in win32k.sys. The exploit was executed by the first stage…

FeaturedIndustrial control systemsIndustrial threatsMalware StatisticsSecurity FeedsSecurity PoliciesVulnerabilities and exploits

Threat Landscape for Industrial Automation Systems in H1 2018

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018. The main objective of these publications is to provide information support to global…

BotnetsDDoS-attacksInternet of ThingsMalware StatisticsMinerSecurity FeedsSpam LettersVulnerabilities and exploits

What are botnets downloading?

Spam mailshots with links to malware and bots downloading other malware are just a couple of botnet deployment scenarios. The choice of infectious payload is limited only by the imagination of the botnet operator or customer. It might be a ransomware, a banker, a miner, a backdoor, the list goes on, and you don’t need to go far for examples: take Gandcrab and Trik, or Locky and Necurs, for instance. Every day we intercept numerous file-download commands sent to bots of various types and…

Application ControlFeaturedPublicationsSecurity FeedsSecurity PoliciesVulnerabilities and exploitsVulnerability Statistics

Security assessment of corporate information systems in 2017

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017. We have analyzed several dozen projects for companies from various sectors, including government bodies, financial organizations, telecommunications and IT companies, as well as manufacturing and energy companies. The results and statistics on detected vulnerabilities are provided separately for each type of service provided: external…