Secure environment (IoT)

By closely observing more than 60 threat actors responsible for APT attacks worldwide, the team of experts has now compiled a list of the top emerging threats in the APT world. We think these will play an important role in 2015.

A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed – alas, not for the better.

Our homes today look more like small offices. We have tons of different devices connected to our network, everything from storage devices and network equipment to wireless network printers.

For the past seven years, a strong threat actor named Darkhotel, also known as Tapaoux, has carried out a number of successful attacks against a wide range of victims from around the world. It employs methods and techniques which go well beyond typical cybercriminal behavior.

More and more people keep talking about the feature of payments via NFC. The problem in this particular case is that somebody reversed the “Tarjeta BIP!” cards and found a means to re-charge them for free.

With the emergence of wearables, the convergence between the virtual and the physical world makes people feel more natural using technology all the time. Unfortunately, the emergence of new technologies also entails new security risks.

Now that the Internet of Things is all the rage, I wanted to take a look at a trend in IoT that I find particularly exciting and that’s wearable devices.

A typical modern home can have around five devices connected to the local network which aren’t computers, tablets or cellphones. As users in a connected digital environment we need to ask ourselves: ‘Are the devices connected to my network vulnerable? What could an attacker actually do if these devices were compromised? Is my home ‘hackable?’

The patch is up! Microsoft is pushing out an Out of Band (OOB) security update MS14-021 to address the recently disclosed Internet Explorer 0day exploit incidents involving a known, high end threat actor. Cheers to a quick response from such a large vendor on this issue! The story goes like this. The week of the

In mid-April we detected two new SWF exploits. After some detailed analysis it was clear they didn’t use any of the vulnerabilities that we already knew about. We sent the exploits off to Adobe and a few days later got confirmation that they did indeed use a 0-day vulnerability that was later labeled as CVE-2014-0515. The

The Mask is an advanced threat actor that has been involved in cyber-espionage operations since at least 2007. What makes The Mask special is the complexity of the toolset used by the attackers. This includes an extremely sophisticated piece of malware, a rootkit, a bootkit, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone (iOS).

A short while ago, we came across a set of similar SWF exploits and were unable to determine which vulnerability they exploited. We reported this to Adobe and it turned out that these ITW exploits targeted a 0-day vulnerability. Today, Adobe released a patch for the vulnerability. This post provides a technical analysis of the exploits and

Together with our partner CrySyS Lab, we’ve discovered two new, previously-unknown infection mechanisms for Miniduke. These new infection vectors rely on Java and IE vulnerabilities to infect the victim’s PC. While inspecting one of the C&C servers of Miniduke, we have found files that were not related to the C&C code, but seemed to be

Adobe Flash Player CVE-2013-0633 is a critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called -legal- surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from -HackingTeam- marketed as Remote Control System.

It is clear that any attempt to predict the IT security landscape in 2030 will have to be a forecast of security and society in general. IT is now almost everywhere, and its scope will only increase in the future.