viruses

An (un)documented Word feature abused by attackers

An (un)documented Word feature abused by attackers

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content

Introducing WhiteBear

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure.  

New multi platform malware/adware spreading via Facebook Messenger

New multi platform malware/adware spreading via Facebook Messenger

One good thing about having a lot of Facebook friends is that you simply act as a honey pot when your friends click on malicious things. A few days ago I got a message on Facebook from a person I very rarely speak to, and I knew that something fishy was going on.  

IT threat evolution Q2 2017

IT threat evolution Q2 2017

The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry.  

The return of Mamba ransomware

The return of Mamba ransomware

At the end of 2016, there was a major attack against San Francisco’s Municipal Transportation Agency. The attack was done using Mamba ransomware. 

Steganography in contemporary cyberattacks

Steganography in contemporary cyberattacks

A strong upward trend in malware developers using steganography for different purposes is seen, including for concealing C&C communication and for downloading malicious modules

DDoS attacks in Q2 2017

DDoS attacks in Q2 2017

Money remains the driving force of DDoS attacks.The growing interest in cryptocurrencies leads to an increase in their exchange-value in the second quarter of 2017.

No Free Pass for ExPetr

No Free Pass for ExPetr

Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won’t write the special malicious code which encrypts the MFT to MBR. 

What makes identity-driven security the new age firewall

What makes identity-driven security the new age firewall

Propelled by the need to provide a holistic, identity-driven protection, Microsoft’s Enterprise Mobility & Security solutions (EM&S) stitches in intuitive security on a future-ready platform. What takes the cake though, is that it ensures productivity without compromising on user privilege.

Load More