The 5th Hacker Halted USA is now taking place in Miami under the slogan – Unravel the Enigma of Insecurity after hurricane Sandy passed Florida last weekend. Day 1 is the keynote day, so luckily no splitted presentation-streams. After a… Read Full Article
T2’12: Huawei Routers, Pin Pad Terminals Under Security Scrutiny
On the first day of the T2’12 conference in Helsinki, researchers discuss major problems with the security of Huawei’s VRP (Versatile Routing Platform) and pin-pad payment terminals. Read Full Article
Spam in September 2012
The percentage of spam in email traffic grew by 2.3 percentage points from August and averaged 72.5% Read Full Article
ICS-JWG Fall Meeting 2012
The Industrial Control Systems Joint Working Group Fall Meeting 2012 is being held in Denver, Colorado this year, organized by the DHS ICS-CERT. Yesterday, Billy Rios from Spear Point Security kicked off the meeting with a discussion that included mention of vendors’ defensive postures and the exploit brokers out there.
Read Full ArticleFraud abusing Google Docs
Phishing is not exactly a ground-breaking technique. Quite the opposite, it seems like it has been around forever. This is an indicator of its effectiveness: we might think that it is unlikely that people would give away their banking credentials just because they are asked for them, but still there is a percentage who continue to become victims of one of the simplest fraud methods.
However both user awareness and anti-phishing tools are making harder for fraudsters to succeed in their attempts to get our money. We see this changing in the decrease in the percentage of spam. That is not the only reason: users are switching to new platforms such as social networks for direct communication.
Today I want to show you an example of the creativeness in avoiding spam and phishing filters.
Read Full ArticleTwitter Phishing Campaign Spreading Via Direct Messages
A Phishing campaign against twitter is actively being exploited in the wild. The attackers use stolen twitter accounts to send direct messages containing a shortened URL redirecting to the phishing site. Read Full Article
Securing Critical Information Infrastructure: Trusted Computing Base
Industrial systems, critically important installations and other key facilities require the very latest protection technologies. Read Full Article
miniFlame aka SPE: “Elvis and his friends”
In May 2012, a Kaspersky Lab investigation detected a new nation-state cyber-espionage malware, which we named “Flame” Read Full Article
miniFlame aka SPE: “Elvis and his friends”
While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame’s modules. Read Full Article
Stealing Currency Permits from the Government
Right after the Venezuelan presidential elections cybercriminals launched a new credential stealing malware joined by a social engineering campaign saying that supposedly the last election was a fraud. The name of the malicious file is “listas-fraude-electoral.pdf.exe” which is translates to… Read Full Article