Vulnerabilities and exploits

Over the past few weeks, we have been busy researching the Command and Control infrastructure used by Duqu

Kaspersky Lab malware analyst Dmitry Besthuzhev looks at cybercrime in Latin America and makes a prediction regarding state-sponsored cyber-attacks in the region.

Not so long ago we wrote about cybercriminals using infected computers to generate virtual money via Bitcoin

A look at the top five database breaches and the technologies that may have helped limit the damage.

A simple message on a Google forum in August sparked an investigation which would eventually bring down the DigiNotar certificate authority.

Once the driver is loaded, it decrypts a small block that contains its registry key and the name of the registry value to be read from that key. It also contains the name of the driver object to create

In this edition of Lab Matters, Ryan Naraine interviews Kaspersky Lab CTO Nikolay Nikolay Grebennikov about malicious threats on mobile devices. Grebennikov talks about the taxonomy of threats and explains Kaspersky Lab’s vision for protecting data on smart phones.

New information suggests Duqu was used to spy on Iran’s nuclear program.

Dutch Certificate Authority KPN/Getronics has announced the suspension of the issuance of digital certificates.

In April, the .co.cc and .cz.cc sub-domains were absolutely littered with malware distributing web sites, and the unusually telling DNS registration setup on .co.cc and .cz.cc had forecast the previously upcoming Apple FakeAv.

First things first, I have to point out a mistake in the previous text. When analyzing the fourth incident in Iran, we stated that there were two network attacks on a victim machine from the IP address 63.87.255.149. It could have been an exclusive version of Duqu, but it turned out to be a big mistake.

Tim Armstrong looks at the timeline of the Sony breach and pieces together the relevant details at each point in time. He discusses the known facts of the case and the potential future fallout.

Here’s the latest of our malware calendar wallpapers.

Our investigation and research of Duqu malware continues.

In September we saw a 3700% increase in JavaScript-based redirection scripts, specifically Trojan.JS.Redirector.ro. This malicious redirector went from 908th place to 15th place in the list of the most detected malware in Sweden in one month. This code only redirects users to another URL, and I thought it was strange that we did not really see an increase of detected malware in September?