The choice of security anti-virus (if we disregard the issue of cost) depends on its quality requirements. If the use of Internet is not that active, only trusted web-sites from a limited list are visited, correspondence is only with a limited number of people and there are no tones of spam, new programs are not downloaded from the Internet – requirements to anti-virus protection can be minimal.
Otherwise, however, if the network is used extensively, the volume of email is high, and search services are used on a regular basis – requirements to quality and functionally of anti-virus protection are much higher.
Reliability and usability are the most important criteria, as even the ‘absolute antivirus’ might prove to be absolutely useless if it conflicts with the system, strongly reduces its efficiency or from time to time “hangs”. If an antivirus requires special skills which most common users are devoid of, it will be too difficult to use (work with). Common user will simply ignore its messages and randomly click «Yes» or «No», depending on which is closer to the cursor. And if an antivirus asks the common user difficult questions, most probably the latter will disable, if not delete the program from the system. If a corporate antivirus version does not have features required to administrate the company’s network, most system administrators will rather choose a product which would be less secure but more convenient.
Comprehensive protection is the second critically important criteria. All computer domains, all types of files and network elements which can be potentially attacked by a virus have to be constantly under protection. The program should be able to detect a malicious code and protect all channels of possible intrusion (e-mail, WWW, FTP e. t.c.), leading into the computer and the network.
Quality of protection is the third key criteria. Any most sophisticated antivirus is of no use is it is unable to provide a required level of protection from malicious programs. Anti-viruses have to resist a quite aggressive environment which is constantly developing – often new viruses, worms, Trojans become much more complex than their previous versions.
As for protection quality, it is made up of the following features: level of detection of malicious programs, frequency and regularity of updates, ability to delete the virus code from the system properly, resource capacity, possibility of double protection (systems) by different manufacturers, ability to protect not only from known – but also from new viruses and Trojans.
In Q1 2018, we observed a significant increase in both the total number and duration of DDoS attacks against Q4 2017. The new Linux-based botnets Darkai (a Mirai clone) and AESDDoS are largely responsible for this hike. Read Full Article
In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. During our research we received some invaluable information about the true scale of this attack, we decided to call it ‘Roaming Mantis’. Read Full Article
Q4 2017 represented something of a lull: both the number and duration of DDoS attacks were down against the previous quarter. At the same time, the increase in the number of attacks on honeypot traps in the runup to holiday sales indicates that cybercriminals are keen to expand their botnets at the most opportune moment by pressuring owners of online resources and preventing them from making a profit. Read Full Article
According to KSN data, Kaspersky Lab solutions detected and repelled 277,646,376 malicious attacks from online resources located in 185 countries all over the world. Read Full Article
Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article
In the third quarter of 2017, we registered a considerable increase in the number of both DDoS attacks and their targets. Traditionally, China is the country with the largest number of attack sources and targets. It was followed by the United States and South Korea. The popularity of Windows OS as a basis for creating a botnet has fallen noticeably, while the share of Linux-based botnets increased proportionally. Read Full Article
A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. Read Full Article
The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry. Read Full Article
According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world. Read Full Article
The second quarter quite clearly showed that the DDoS-attack threat is perceived rather seriously. Some companies were prepared to pay cybercriminals literally after their first demand without waiting for the attack itself. This set off a whole new wave of fraud involving money extortion under threat of a DDoS attack, also known as “ransom DDoS”. Read Full Article