Secure blogging

26 Oct 2004

minute read

Authors

Costin Raiu

Finally, we’re here! A weblog from the international antivirus lab at Kaspersky, with news, interesting details, top level security information and from time to time, even pictures! 🙂

While on the subject of blogging, I have to say that posting to this weblog is probably one of the most complex (and secure!) online processes I’ve seen. IP-based authentication, public/secret key pairs, passwords plus a few other extra security protocols which I cannot disclose. Just the way a proper security product should be. (grin)

Speaking of security and weblogs, there’s a new popular exploit on the internet targetting WordPress, maybe the most powerful weblogging software out there. This vulnerability is fixed by the WordPress 1.2.1 release, so if you are an WordPress user, make sure you run the latest update.

Authors

Costin Raiu

Secure blogging

Latest Posts

Latest Webinars

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Secure blogging

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

TOP 10 unattributed APT mysteries

Applied YARA training Q&A

PuzzleMaker attacks with Chrome zero-day exploit chain

Looking at Big Threats Using Code Similarity. Part 1

YARA webinar follow up

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Overview of IoT threats in 2023

How cybercrime is impacting SMBs in 2023

New ransomware trends in 2023

Latest Posts

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

Consumer cyberthreats: predictions for 2024

Latest Webinars

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails