Internal threats

Publications

What kids get up to online

To help children avoid potential dangers in the digital world, parents must understand what their children are interested in, know about the latest online trends, and be aware of ​​what might pose a risk.

Publications

We know what your kids did this summer

For many kids and teenagers, summer is all about ditching school books in favor of hobbies and fun. Every year we release a report on children’s interests, as reflected in their online activity. This summer, we investigated what they prefer in their free time.

Software

Modern OSs for embedded systems

At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems (or, in other words, the internet of things). Our primary interest is how and to what degree these OSs can solve cybersecurity-related issues.

Publications

Netkids

Children today are completely at home in the digital space. They use digital diaries and textbooks at school, communicate via instant messaging, play games on mobile devices (not to mention PCs and consoles), and create mini masterpieces on tablets and laptops. This total immersion in the digital universe is a concern for many parents, but if they want their child to spend time online safely and usefully, they must not only understand the basic concepts of digital security and have a grasp of the threats, but also be able to explain them to their kid.

Industrial threats

OPC UA security analysis

This article discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. We hope to draw the attention of vendors that develop software for industrial automation systems and the industrial IoT to problems associated with using such widely available technologies.

Industrial threats

A silver bullet for the attacker

We confront hundreds of thousands of new threats every day and we can see that threat actors are on a constant lookout for new attack opportunities. According to our research, connecting a software license management token to a computer may open a hidden remote access channel for an attacker.

Reports

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Lazarus covets COVID-19-related intelligence

As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.

Sunburst: connecting the dots in the DNS requests

We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.

What did DeathStalker hide between two ferns?

While tracking DeathStalker’s Powersing-based activities in May 2020, we detected a previously unknown implant that leveraged DNS over HTTPS as a C2 channel, as well as parts of its delivery chain. We named this new malware “PowerPepper”.

Subscribe to our weekly e-mails

The hottest research right in your inbox