Vulnerabilities and exploits

There are countless firms that sell expensive computer security products and gear. But most experts will tell you that the one step you can take to most improve the security of your home or work computer is to have and follow strict password security. But what makes a password strong (or weak)?

The following statistics were compiled in April using data from computers running Kaspersky Lab products: 221 mln network attacks blocked,190 mln malicious programs detected, 86 mln heuristic verdicts registered.

Rumors on underground forums say that the PSN data is for sale, and that it actually contains the CCV2 code…

Here’s the latest of our malware wallpaper calendars.

Royal Wedding news is being used by cibercriminals to infect people and to steal their money

After a long service black out Sony reported yesterday that their PSN gamer network has been compromised. Sony further admitted that all kinds of user data had become available to an unknown attacker.  Some of the personal details available to the attackers include your name, address, and email address, date of birth, PSN login name and password.  In fact even password security answers may have been obtained.  In addition to these items Sony stated “While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.”  Sony does not speculate on when their network may come back online but states that they are rebuilding it, and undergoing external security audits.

Kaspersky Lab malware researcher Vicente Diaz joins the Lab Matters webcast to discuss the banking malware epidemic in Europe and offer suggestions for consumers doing business on the Web.

This month, Microsoft is releasing 17 bulletins to address 63 security vulnerabilities across a wide range of Windows products. Out of these vulnerabilities, 12 are rated critical and 51 important.

Almost exactly one month ago we warned about a zero-day in Flash which was being exploited in targeted attacks.

The .co.cc domains, littered with malicious sub domains hosting exploit pages and malicious java applets for the past several months, are now hosting FakeAv pages and “BestAntivirus2011.exe”.

Here’s the latest of our malware wallpaper calendars.

In this edition of the Lab Matters webcast, malware researcher Tillmann Werner and Ryan Naraine discuss the ongoing battle to control the Conficker botnet and the need for the computer security industry to consider newer approaches to mitigating the botnet epidemic.

Over the past couple months, some advertising networks have been distributing ads that redirect browsers to sites hosting exploits. Spotify’s ad networks are the most recently outed.

Kaspersky lab discovered a new variant today, in the form of an obfuscated executable. Please review the technical details for further information. The threat was detected automatically thanks to the Kaspersky Security Network as UDS:DangerousObject.Multi.Generic.

Kaspersky Lab is still monitoring malicious websites involved in the recent Japan spam campaigns.