Vulnerabilities and exploits

We collected Stuxnet files for two years. After analyzing more than 2,000 of these files, we were able to identify the organizations that were the first victims of the worm’s different variants in 2009 and 2010. Perhaps an analysis of their activity can explain why they became “patients zero” (the original, or zero, victims).

For the past seven years, a strong threat actor named Darkhotel, also known as Tapaoux, has carried out a number of successful attacks against a wide range of victims from around the world. It employs methods and techniques which go well beyond typical cybercriminal behavior.

In this blogpost, we will review in detail the possible vectors for an attack launched on a corporate network from an infected computer within it.

This morning was possibly one of the most information rich in the history of Microsoft’s patch Tuesdays.

In almost any company the IT security department faces two priority tasks: ensuring that critical systems operate continuously and reducing the risk of attacks on the corporate network.

Shortly after disclosure of the Bash bug called “Shellshock” we saw the first attempts by criminals to take advantage of this widespread vulnerability also known as CVE-2014-6271.

The “bash” vulnerability is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited.

An organization recently asked Kaspersky Lab to investigate an incident that had occurred in its corporate remote banking system: a bank asked for confirmation of a payment worth about US$80,000. The organization’s accountant had not made the payments himself, so the organization suspected a malware attack. But how was that possible?

Microsoft released four security bulletins this month addressing a total of 42 vulnerabilities in Internet Explorer (MS14-052), .NET (MS14-053), the Windows task scheduler (MS14-054), and several issues in Windows Lync Server (MS14-055).

With the emergence of wearables, the convergence between the virtual and the physical world makes people feel more natural using technology all the time. Unfortunately, the emergence of new technologies also entails new security risks.

Now that the Internet of Things is all the rage, I wanted to take a look at a trend in IoT that I find particularly exciting and that’s wearable devices.

We spotted an interesting attack from Brazilian bad guys aiming to change the DNS settings of home routers by using a web-based attack, some social engineering, and malicious websites.

Anyone using the Internet is at risk, regardless of age and regardless of what they like to do online. Cybercriminals can deploy an impressive arsenal and use it to get access to our money, our personal data and the resources of our computer systems.

A typical modern home can have around five devices connected to the local network which aren’t computers, tablets or cellphones. As users in a connected digital environment we need to ask ourselves: ‘Are the devices connected to my network vulnerable? What could an attacker actually do if these devices were compromised? Is my home ‘hackable?’

The second Tuesday of the month is here along with Microsoft’s August security updates, and with it brings interesting updates of OneNote and Internet Explorer.