During the year, Kaspersky solutions repelled 975 491 360 attacks launched from online resources located all over the world and 273 782 113 unique URLs were recognized as malicious by web antivirus components. Read Full Article
Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
During our investigation, we discovered that yet another 0-day exploit (CVE-2019-1458) was used in Operation WizardOpium attacks. Read Full Article
IT threat evolution Q3 2019. Statistics
Kaspersky solutions blocked 989,432,403 attacks launched from online resources in 203 countries across the globe; 560,025,316 unique URLs were recognized as malicious by Web Anti-Virus components. Read Full Article
Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium
Recently, we caught a new unknown exploit for Chrome browser. We promptly reported this to the Google. After reviewing of the PoC we provided, the company confirmed there was a zero-day vulnerability and assigned it CVE-2019-13720. Read Full Article
IT threat evolution Q2 2019. Statistics
Kaspersky solutions blocked 717,057,912 attacks launched from online resources in 203 countries across the globe, 217,843,293 unique URLs triggered Web Anti-Virus components. Read Full Article
Sodin ransomware exploits Windows vulnerability and processor architecture
When Sodin appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers. Read Full Article
How we hacked our colleague’s smart home
In this article, we publish the results of our study of the Fibaro Home Center smart home. We identified vulnerabilities in Fibaro Home Center 2 and Fibaro Home Center Lite version 4.540, as well as vulnerabilities in the online API. Read Full Article
IT threat evolution Q1 2019. Statistics
In Q1 2019, Kaspersky Lab solutions blocked attempts to launch one or more types of malware designed to steal money from bank accounts on the computers of 243,604 users and detected attacks using miners on the computers of 1,197,066 users. Read Full Article
IT threat evolution Q1 2019
Zebrocy and GreyEnergy, four zero-day vulnerabilities in Windows, attacks on cryptocurrency exchanges, a very old bug in WinRAR, attacks on smart devices and other events of the first quarter of 2019. Read Full Article
ScarCruft continues to evolve, introduces Bluetooth harvester
After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula. Read Full Article