Tag Archives: Kaspersky Lab

Kaspersky founder warns nations face growing cyberattack threats

State-of-the-art cyberweapons are now powerful enough to severely disrupt nations and the organizations responsible for their critical infrastructure, Kaspersky Lab founder and CEO Eugene Kaspersky says.

The comments were made in a recent speech to a select audience of UK police, politicians and CSOs.

That Kaspersky was invited to give the speech to such a high-level gathering is a clear signal that the British government takes the threat posed by cyber-weapons seriously.

“Today, sophisticated malicious programs – cyberweapons – have the power to disable companies, cripple governments and bring whole nations to their knees by attacking critical infrastructure in sectors such as communications, finance, transportation and utilities. The consequences for human populations could, as a result, be literally catastrophic,” said Kaspersky.


Source: FULL ARTICLE at PCWorld

Bitcoin mining malware spreading on Skype, researcher says

Security researchers from Kaspersky Lab have identified a spam message campaign on Skype that spreads a piece of malware with Bitcoin mining capabilities.

Bitcoin (BTC) is a decentralized digital currency that has seen a surge in popularity since the beginning of the year and is currently trading at over US$130 per unit, making it an attractive investment for legitimate currency traders, but also for cybercriminals.

BTCs are generated according to a special algorithm on computers using their CPU and GPU resources. This operation is called Bitcoin mining and is usually performed by users who operate multi-GPU computer rigs. However, mining efforts can also be pooled for better results.

Cybercriminals have figured out that distributed Bitcoin mining is a perfect task for botnets and have started developing malware that can abuse the CPUs and GPUs of infected computers to generate Bitcoins.


Source: FULL ARTICLE at PCWorld

Researchers: Java's security problems unlikely to be resolved soon

Since the start of the year, hackers have been exploiting vulnerabilities in Java to carry out a string of attacks against companies including Microsoft, Apple, Facebook and Twitter, as well as home users. Oracle has made an effort to respond faster to the threats and to strengthen its Java software, but security experts say the attacks are unlikely to let up any time soon.

Just this week, security researchers said the hackers behind the recently uncovered MiniDuke cyberespionage campaign used Web-based exploits for Java and Internet Explorer 8, along with an Adobe Reader exploit, to compromise their targets. Last month, the MiniDuke malware infected 59 computers belonging to government organizations, research institutes, think tanks and private companies from 23 countries.

The Java exploit used by MiniDuke targeted a vulnerability that hadn’t been patched by Oracle at the time of the attacks, Kaspersky Lab said in a blog post. Vulnerabilities that are made public or exploited before a patch is released are known as zero-day vulnerabilities, several of which have been used in the attacks against Java this year.

In February, software engineers from Microsoft, Apple, Facebook and Twitter had their work laptops infected with malware after visiting a community website for iOS developers that had been rigged with a Java zero-day exploit. The breaches were the result of a larger “watering hole” attack launched from multiple websites that also affected government agencies and companies in other industries, The Security Ledger reported.

Source: FULL ARTICLE at PCWorld

Adobe readies emergency patches for Reader, Acrobat

Adobe Systems said it will release patches for two critical vulnerabilities disclosed last week that are actively being used by attackers.

The company said on Saturday the patches will be released sometime this week. Both vulnerabilities can be exploited if a user can be tricked into opening a malicious PDF, which is usually sent to targeted victims by email.

The latest vulnerabilities were discovered by security vendor FireEye, which said it supplied its findings to Adobe. An analysis by Kaspersky Lab of the exploit using the vulnerabilities found that it bypasses the “sandbox” built into Adobe Reader, which is a technology designed to contain attempts to install malicious software.

Kaspersky said the exploit had a level of sophistication seen in cyberespionage campaigns. The malicious software delivered to infected computers can record keystrokes as well as steal passwords and information about a computer’s configuration.

Source: FULL ARTICLE at PCWorld

Adobe confirms zero-day exploit bypasses Adobe Reader sandbox

A recently found exploit that bypasses the sandbox anti-exploitation protection in Adobe Reader 10 and 11 is highly sophisticated and is probably part of an important cyberespionage operation, the head of the malware analysis team at antivirus vendor Kaspersky Lab said.

The exploit was discovered Tuesday by researchers from security firm FireEye, who said that it was being used in active attacks. Adobe confirmed that the exploit works against the latest versions of Adobe Reader and Acrobat, including 10 and 11, which have a sandbox protection mechanism.

“Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message,” the company said in a security advisory published Wednesday.

Adobe is working on a patch, but in the meantime users of Adobe Reader 11 are advised to enable the Protected View mode by choosing the “Files from potentially unsafe locations” option under the Edit > Preferences > Security (Enhanced) menu.

Source: FULL ARTICLE at PCWorld

Researchers: Surveillance malware distributed via Flash Player exploit

Political activists from the Middle East were targeted in attacks that exploited a previously unknown Flash Player vulnerability to install a so-called lawful interception program designed for law enforcement use, security researchers from antivirus vendor Kaspersky Lab said Tuesday.

Last Thursday, Adobe released an emergency update for Flash Player in order to address two zero-day—unpatched—vulnerabilities that were already being used in active attacks. In its security advisory at the time, Adobe credited Sergey Golovanov and Alexander Polyakov of Kaspersky Lab for reporting one of the two vulnerabilities, namely the one identified as CVE-2013-0633.

On Tuesday, the Kaspersky Lab researchers revealed more information about how they originally discovered the vulnerability. “The exploits for CVE-2013-0633 have been observed while monitoring the so-called ‘legal’ surveillance malware created by the Italian company HackingTeam,” Golovanov said in a blog post.

HackingTeam is based in Milan but also has a presence in Annapolis, Maryland, and Singapore. According to its website, the company develops a computer surveillance program called Remote Control System (RCS) that is sold to law enforcement and intelligence agencies.

Source: FULL ARTICLE at PCWorld

DaVinci surveillance malware distributed via zero-day Flash Player exploit, researchers say

Political activists from the Middle East were targeted in attacks that exploited a previously unknown Flash Player vulnerability to install a so-called lawful interception program designed for law enforcement use, security researchers from antivirus vendor Kaspersky Lab said Tuesday.
Source: FULL ARTICLE at Computerworld Latest

Kaspersky launches all-in-one security tool for SMBs

Petr Merkulov explains Kaspersky Endpoint Security for Business.

Companies have to manage security across a wide range of issues and threats. Operating systems and applications have to be patched and updated. Active monitoring needs to be in place to identify and block malware threats. Data needs to be protected to prevent exposure or compromise. Mobile devices and the BYOD (bring your own device) trend represent a new frontier of concerns.

Kaspersky intends to simplify the process for all of the above issues. Its new Endpoint Security for Business merges all of these functions into one product so that small and midsize business IT managers can see and control every aspect of security from one console.

Kaspersky Lab has been at the forefront of research into sophisticated cyber espionage attacks like Flame, Gauss, and Red October—insidious attacks that have compromised and exploited targets for years. The Moscow-based antimalware and computer security company unveiled the new Kaspersky Endpoint Security for Business at an analyst event last week in New York.

Part of the problem, particularly for SMBs, is that there are too many moving parts involved. “Complexity is the enemy of security,” said chief product officer Petr Merkulov.


Source: FULL ARTICLE at PCWorld

Bad Kaspersky antivirus update keeps users from accessing websites

A faulty antivirus update issued by Kaspersky Lab on Monday left many of its home and business customers unable to access any websites on their computers.

Systems administrators using Kaspersky Endpoint Security (KES) on their corporate networks started reporting the problem on Kaspersky’s support forum on Monday afternoon, Eastern Time. The reports kept piling up until late in the evening.

“I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites,” one user named bradb21 reported.

Other users confirmed the problem and attempted to troubleshoot it themselves. Some reported success after disabling the Web protection component or turning off the product’s monitoring for port 80, 443 and other Web proxy ports.


Source: FULL ARTICLE at PCWorld

Red October malware discovered after years of stealing data in the wild

A shadowy group of hackers has siphoned intelligence data worldwide from diplomatic, government, and scientific research computer networks for more than five years, including targets in the United States, according to a report from Kaspersky Lab.

Kaspersky Lab began researching the malware attacks in October and dubbed them “Rocra,” short for “Red October.” Rocra uses a number of security vulnerabilities in Microsoft Excel, Word, and PDF document types to infect PCs, smartphones, and computer networking equipment. On Tuesday researchers discovered the malware platform also uses Web-based Java exploits.

It’s not clear who is behind the attacks, but Rocra uses at least three publicly known exploits originally created by Chinese hackers. Rocra’s programming, however, appears to be from a separate group of Russian-speaking operatives, according to the report from Kaspersky Lab.

The attacks are ongoing and targeted at high-level institutions in what are known as spear-phishing attacks. Kaspersky estimates that the Red October attacks have likely obtained hundreds of terabytes of data in the time it has been operational, which could be as early as May 2007.


Source: FULL ARTICLE at PCWorld