Earlier today we became aware of a malicious website delivering Petya through the Hunter exploit kit. While there is nothing special about yet another exploit kit page, this one caught our attention because it mimics the index page of our sinkhole systems.
Attacking Diffie-Hellman protocol implementation in the Angler Exploit Kit
In Angler, threat actors used the Diffie-Hellman protocol to make it difficult for firewalls to detect the exploit and to make it harder for analysts to obtain the exploit code. However, experts from Kaspersky Lab managed to perform a successful attack against the Diffie-Hellman protocol implementation and decipher the shellcode.
How exploit packs are concealed in a Flash object
The main role in a hidden attack is played by exploits for software vulnerabilities, which can be used to secretly download malicious code onto the victim machine. Recently, we have come across a new technique used to hide exploit-based attacks: fraudsters packed the exploit pack in a Flash file.
New gTLDs, same attacks
Cybercriminals around the world have already started to point their guns and attacks at the new gTLDs, the ‘generic Top Level Domains’ approved by ICANN and offered by registrars to people interested in buying a new domain name. Recently we…
Microsoft Updates Internet Explorer against Highly Targeted 0day Distributing Pirpi
The patch is up! Microsoft is pushing out an Out of Band (OOB) security update MS14-021 to address the recently disclosed Internet Explorer 0day exploit incidents involving a known, high end threat actor. Cheers to a quick response from such…
Microsoft Updates April 2014 – Office and Internet Explorer Critical Vulnerabilities
Absolutely all of the latest versions of Microsoft Word and some versions of Internet Explorer contain critical vulnerabilities enabling remote code execution. Today, Microsoft releases two critical patches to close multiple vulnerabilities with each. Two important updates are released to…
Kaspersky Security Bulletin 2013. Overall Statistics for 2013
CVE-2013-3906: Another 0-day for Microsoft Office
On November 5, Microsoft announced the discovery of a new vulnerability, CVE-2013-3906, which can be exploited when TIFF images are processed. By exploiting this vulnerability it is possible to attack software – including Microsoft Office and Lync – that uses a vulnerable…
The Icefog APT: A Tale of Cloak and Three Daggers
Since 2011 we have been tracking a series of attacks that we link to a threat actor called ‘Icefog’. We believe this is a relatively small group of attackers that are going after the supply chain — targeting government institutions, military contractors, maritime and ship-building groups, telecom operators, satellite operators, industrial and high technology companies and mass media, mainly in South Korea and Japan.
3rd Latin American Security Analysts Summit in Cancun
Last week, GReAT LatAm participated in the 3rd Latin American Security Analysts Summit, which took place in Cancun, Mexico. It was a great event as it brought together close to 30 journalists from 12 countries in the region as well as…