Q4 2020 in terms of DDoS attacks: DDoS market fall, bitcion rise, careful prognoses.
We analyzed and categorized the most popular websites and search queries over the festive period (December 20, 2020 — January 10, 2021) to find out how kids compensated for the lack of outdoor winter entertainment.
With privacy more often than not being traded for convenience, we believe that for many 2020 has fundamentally changed how much privacy people are willing to sacrifice in exchange for security and access to digital services.
Kaspersky solutions blocked 666,809,967 attacks launched from online resources in various countries across the world, 173,335,902 unique URLs were recognized as malicious by Web Anti-Virus.
In this report, we will focus mainly on what remote work means for businesses and employees from a security perspective.
Many of new digital educational tools are both enhancing the educational experience and introducing new threats. Here are the ones most likely to pose the biggest risks in the coming year.
In this report, we will dig deeper into two major consequences of (willing and unwilling) sharing personal data in public — doxing and the selling of personal data on the dark web — and try to untangle the connection between the two.
Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. Ransomware attacks were defeated on the computers of 121,579 unique users.
If Q2 2020 surprised us with an unusually high number of DDoS attacks for this period, the Q3 figures point to a normalization. Judging by the number of unique targets, in comparison with last quarter, cybercriminals were more attracted by European, and less by the Asian countries.
This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools began to transition to emergency remote learning,
During the second quarter Kaspersky solutions blocked 899,744,810 attacks launched from online resources across the globe, as many as 286,229,445 unique URLs triggered Web Anti-Virus components.
The second quarter is normally calmer than the first, but this year is an exception. The long-term downward trend in DDoS-attacks has unfortunately been interrupted, and this time we are witnessing an increase.
We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated.
Recently, we identified several cases where Google Analytics was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics.
Over the past two years we have reviewed how adult content has been used to spread malware and abuse users’ privacy. This is a trend that’s unlikely to go away, especially under current circumstances. While many pornography platforms are enjoying an influx of new users and providing legitimate and safe services, the security risks remain, if not increase.
In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.
While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.
As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that the Lazarus group is going after intelligence that could help these efforts by attacking entities related to COVID-19 research.
We matched private and public DNS data for the SUNBURST-malware root C2 domain with the CNAME records, to identify who was targeted for further exploitation. In total, we analyzed 1722 DNS records, leading to 1026 unique target name parts and 964 unique UIDs.