Web threats

Mass website infections are one of the biggest problems in contemporary IT security

The Internet knows no borders, but according to our data, cybercrime has specific ‘geographical features’.

Parental Control puts parents in charge of all their children’s online activities.

Yesterday it was a dark day for many companies in Europe, but especially in the Netherlands. A piece of malware known as Worm.Win32.Dorifel infected over 3000 machines globally, and 90% of infected users were both from public and business sector organizations based in the Netherlands.

According to KSN data, Kaspersky Lab products detected and neutralized over 1 billion threats in Q2 2012.

Recently, we came across web malware that – instead of injecting an iframe pointing to a fixed existing address – generates a pseudo-random domain name, depending on the current date.

Every day in Latin America we register lots of similar attacks, each abusing local DNS settings. Actually these attacks are a bit different because they modify the local HOST file but the principle is the same.

It’s the last call on DNSChanger cleanup. On Monday, the FBI-run replacement DNS servers are coming down.

Next Monday, 9th of July, at 06:00 (MEZ) the temporary DNS-servers setup by FBI will be shut down. But still there are still thousands of infected machines – one can wonder, what will happen to them?

It is quite rare to analyze a malicious file written in the form of a cross-platform browser plugin. It is, however, even rarer to come across plugins created using cross-browser engines.

According to KSN data, Kaspersky Lab products detected and neutralized almost 1 billion malicious objects in Q1 2012.

The following statistics were compiled in April using data collected from computers running Kaspersky Lab products

The FBI’s “Operation Ghost Click” announcement in Nov 2011, involving the Rove Digital botnet delayed cleanup efforts that we previously discussed, continues to haunt both the internet networks and the mass media.

The investigation into the Duqu Trojan is into its sixth month, and March brought further progress as we were able to establish which language was used for its Framework code.

This month’s patch Tuesday fixes a small set of critical vulnerabilities in a variety of client side software and one “important” server side Forefront UAG data leakage/information disclosure issue. Six bulletins have been created to address eleven exploitable flaws.