Opinion

Last minute shopping – keep safe!

The holidays are nearly here! If you’re still searching for the final perfect present, and are thinking of buying online, here’s a few practical tips to help keep your last-minute purchases secure:

  1. Keep your Internet Security solution updated, not just to the day but to the hour! We release frequent updates to make sure you’re protected from the very newest malware. Scan your system before you start shopping.
  2. Don’t forget to use our Kaspersky Virtual Keyboard which is integrated in Kaspersky Internet Security products for all your online transactions, especially when you’re asked to input any personal data like your names, numbers (credit card, pin, date of birth, zip code, etc) or address.

    Using the virtual keyboard prevents Trojans from stealing information which you enter via the keyboard or other input device.

  3. Don’t shop from public WiFi networks which aren’t secured using WPA2. These networks can be easily hijacked by cybercriminals, and your sensitive financial data could be compromised.
  4. Make sure your system is up-to-date! You should make it a habit to download and install updates not just for your operating system but also for third party applications like:
    • Browsers like IE, Firefox, Opera, Safari, Google Chrome or any other you use
    • Adobe system applications.
    • Media players like Realpayer, Winamp, etc.

    You can use the Kaspersky Vulnerability Scan integrated in Kaspersky Internet Security product to check your system for vulnerabilities.

  5. Check that the sites you shop on are secure! A secure online shopping site will have a valid digital certificate which is used to encryption and secure your online transaction and it will have an icon showing a closed padlock in the bottom or the top of your browser.

    The address bar should have an ‘https’ string before the page address.

    Remember – NEVER shop on a page which doesn’t have ‘https’ in the address bar:

    or if the padlock is open or broken, or if you get a warning regarding the digital certificate of the page you’re on!

Wishing you safe online shopping and happy holidays!

Last minute shopping – keep safe!

Your email address will not be published. Required fields are marked *

 

Reports

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.

Sunburst: connecting the dots in the DNS requests

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

Subscribe to our weekly e-mails

The hottest research right in your inbox