Over the past decade, APT have intensely targeted organizations and individuals across India. Its developing base of technology, its geographical location and bounds, its inclusive and riotous political energy, and its growing economic weight makes it a special place of interest… Read Full Article
In June, high-profile news events such as the FIFA World Cup and the situation in Ukraine were exploited by fraudsters to extract money and financial information from users. The holiday season has brought an increase in the number of fake notifications from various booking services containing malicious attachments.
Recently Kaspersky Lab has contributed to an alliance of law enforcement and industry organizations, to undertake measures against the internet domains and servers that form the core of an advanced cybercriminal infrastructure that uses the Shylock Trojan to attack online banking systems around the globe.
Looking past the 23 Critical Internet Explorer remote code execution vulnerabilities being patched this month by MS14-037 that require immediate attention, most interesting is CVE-2014-2783, the Internet Explorer "Extended Validation (EV) Certificate Security Feature Bypass Vulnerability". The vulnerability itself, reported… Read Full Article
Cybercriminals around the world have already started to point their guns and attacks at the new gTLDs, the 'generic Top Level Domains' approved by ICANN and offered by registrars to people interested in buying a new domain name. Recently we… Read Full Article
In February 2014, an article was published on a popular Russian IT website under a curious title - Studying the BillGates Linux Botnet. It described a Trojan with sufficiently versatile DDoS functionality. The capability that we found the most interesting… Read Full Article
The most popular uses of cloud services include: storing image scans of passports and other personal documents; synchronization of password, contact list, and email/message databases; creating sites; storing versions of source codes, etc.
At the end of last week we came across a curious method of distributing links to a phishing page that collects users’ personal data.
In 2013, together with our partner CrySyS Lab, we announced our research on a new APT actor we dubbed “Miniduke”.
Microsoft seized 22 domains previously owned by Vitalwerks, company behind dynamic dns service NO-IP