Vulnerabilities and exploits

In 2013 we registered a sudden surge in the number of attacks targeting users’ financial information and money. In 2014, the situation changed considerably: the number of attacks and attacked users significantly decreased, as did the amount of financial phishing.

Users trust files signed with digital certificates, so cybercriminals are always keen to attach these certificates to their malicious files. This article explores the main threats associated with signed files, and proposes practical ways of minimizing the risks associated with launching them.

Microsoft’s security team begins 2015 with a minimal set of Security Bulletins, MS15-001 through MS15-008.

A cutting-edge IT security conference, was held from 18th -19th December. It was the second round, following its first occurrence in February 2014.

By closely observing more than 60 threat actors responsible for APT attacks worldwide, the team of experts has now compiled a list of the top emerging threats in the APT world. We think these will play an important role in 2015.

This section of the report forms part of the Kaspersky Security Bulletin 2014 and is based on data obtained and processed using Kaspersky Security Network (KSN). Kaspersky Lab products detected and neutralized a total of 6,167,233,068 threats during the reported period.

Next year Kaspersky Lab experts anticipate high-stakes targeted cyber-attacks pinpointing the banks. We expect fraudsters will try to develop new malware that can take cash directly from ATMs. 2015 is also likely to bring even more privacy concerns, security worries about Apple devices and renewed fears about connected devices.

Kaspersky Lab products detected and neutralized a total of 1,325,106,041 threats in the third quarter of 2014. Our solutions blocked 696,977 attacks that attempted to launch malware capable of stealing money from online banking accounts.

We collected Stuxnet files for two years. After analyzing more than 2,000 of these files, we were able to identify the organizations that were the first victims of the worm’s different variants in 2009 and 2010. Perhaps an analysis of their activity can explain why they became “patients zero” (the original, or zero, victims).

For the past seven years, a strong threat actor named Darkhotel, also known as Tapaoux, has carried out a number of successful attacks against a wide range of victims from around the world. It employs methods and techniques which go well beyond typical cybercriminal behavior.

In this blogpost, we will review in detail the possible vectors for an attack launched on a corporate network from an infected computer within it.

This morning was possibly one of the most information rich in the history of Microsoft’s patch Tuesdays.

In almost any company the IT security department faces two priority tasks: ensuring that critical systems operate continuously and reducing the risk of attacks on the corporate network.

Shortly after disclosure of the Bash bug called “Shellshock” we saw the first attempts by criminals to take advantage of this widespread vulnerability also known as CVE-2014-6271.

The “bash” vulnerability is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited.