IT News

BSides Denver 2017

13 May 2017

Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more. Even though…

WannaCry ransomware used in widespread attacks all over the world

12 May 2017

Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames. Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows.

DDOS attacks in Q1 2017

11 May 2017

Although the first quarter of 2017 was rather quiet compared to the previous reporting period, there were a few interesting developments. Despite the growing popularity of IoT botnets, Windows-based bots accounted for 59.81% of all attacks. Meanwhile, complex attacks that can only be repelled with sophisticated protection mechanisms are becoming more frequent.

False Positives: Why Vendors Should Lower Their Rates and How We Achieved the Best Results

10 May 2017

In pursuit of a high cyberthreat detection rate, some developers of cybersecurity solutions neglect the subject matter of false positives, and unfairly so. Regretfully, only then does the idea dawn on these developers that high-quality protection from cyberthreats involves not only prevention but also a low false-positive rate.

Clash of Greed

04 May 2017

Yet, the more popular a game is, the higher the probability that fraudsters will be looking to make a fortune on that popularity by, for example, organizing phishing attacks on the player base. Those phishing attacks, though always quite similar in their nature, are very competently planned.

Spam and phishing in Q1 2017

02 May 2017

Although the beginning of Q1 2017 was marked by a decline in the amount of spam in overall global email traffic, in March the situation became more stable, and the average share of spam for the quarter amounted to 55.9%. The US (18.75%) remained the biggest source of spam, followed by Vietnam (7.86%) and China (7.77%).

Use of DNS Tunneling for C&C Communications

28 April 2017

Often, virus writers don't even bother to run encryption or mask their communications. However, you do get the occasional off-the-wall approaches that don't fall into either of the categories. Take, for instance, the case of a Trojan that Kaspersky Lab researchers discovered in mid-March and which establishes a DNS tunnel for communication with the C&C server.

APT Trends report, Q1 2017

27 April 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with IOC data and YARA rules to assist in forensics and malware-hunting.

Hajime, the mysterious evolving botnet

25 April 2017

Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by Rapidity Networks. In this blogpost we outline some of the recent ‘improvements’ to Hajime, some techniques that haven’t been made public, and some statistics about infected IoT devices.

XPan, I am your father

24 April 2017

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. This sample is what could be considered as the “father” of other XPan ransomware variants. A considerable amount of indicators within the source code depict the early origins of this sample.
