Vulnerabilities and exploits

In this blogpost, we will review in detail the possible vectors for an attack launched on a corporate network from an infected computer within it.

This morning was possibly one of the most information rich in the history of Microsoft’s patch Tuesdays.

In almost any company the IT security department faces two priority tasks: ensuring that critical systems operate continuously and reducing the risk of attacks on the corporate network.

Shortly after disclosure of the Bash bug called “Shellshock” we saw the first attempts by criminals to take advantage of this widespread vulnerability also known as CVE-2014-6271.

The “bash” vulnerability is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited.

An organization recently asked Kaspersky Lab to investigate an incident that had occurred in its corporate remote banking system: a bank asked for confirmation of a payment worth about US$80,000. The organization’s accountant had not made the payments himself, so the organization suspected a malware attack. But how was that possible?

Microsoft released four security bulletins this month addressing a total of 42 vulnerabilities in Internet Explorer (MS14-052), .NET (MS14-053), the Windows task scheduler (MS14-054), and several issues in Windows Lync Server (MS14-055).

With the emergence of wearables, the convergence between the virtual and the physical world makes people feel more natural using technology all the time. Unfortunately, the emergence of new technologies also entails new security risks.

Now that the Internet of Things is all the rage, I wanted to take a look at a trend in IoT that I find particularly exciting and that’s wearable devices.

We spotted an interesting attack from Brazilian bad guys aiming to change the DNS settings of home routers by using a web-based attack, some social engineering, and malicious websites.

Anyone using the Internet is at risk, regardless of age and regardless of what they like to do online. Cybercriminals can deploy an impressive arsenal and use it to get access to our money, our personal data and the resources of our computer systems.

A typical modern home can have around five devices connected to the local network which aren’t computers, tablets or cellphones. As users in a connected digital environment we need to ask ourselves: ‘Are the devices connected to my network vulnerable? What could an attacker actually do if these devices were compromised? Is my home ‘hackable?’

The second Tuesday of the month is here along with Microsoft’s August security updates, and with it brings interesting updates of OneNote and Internet Explorer.

Today Adobe released the security bulletin APSB14-19, crediting Kaspersky Lab for reporting CVE-2014-0546.

Over the last 10 months, we have analyzed a massive cyber-espionage operation which we call “Epic Turla”. The attackers have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies. We observed exploits against older (patched) vulnerabilities, social engineering techniques and watering hole strategies.