Kaspersky security news english / Deutsch

english

  • Spam and phishing in 2017


    The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts.
  • Bingo, Amigo! Jackpotting: ATM malware from Latin America to the World


    Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind: jackpotting.
  • Zero-day vulnerability in Telegram


    In October 2017, we learned of a vulnerability in Telegram Messenger’s Windows client that was being exploited in the wild. It involves the use of a classic right-to-left override attack when a user sends files over the messenger service.
  • A vulnerable driver: lesson almost learned


    At first, it looked like we’d found a zero-day local privilege escalation vulnerability for Windows, but the sample that was triggering Exploit Checker events turned out to be the clean signed executable file, part of the multiplayer online game.
  • Gas is too expensive? Let’s make it cheap!


    A search online lead me to a discovery I didn’t think was possible nowadays. I realized almost immediately that critical security issues were probably involved. I found that out of the many tens of thousands of gas stations the company claimed to have installed their product in, 1,000 are remotely hackable.
  • BSides NYC, a volunteer organized event put on by and for the community


    Another edition of BSides NYC has passed, and as first time attendee and presenter, I was genuinely impressed with the impeccable organization, the content shared, and the interesting conversations that took place among enthusiasts and professionals from all over the world.
  • DDoS attacks in Q4 2017


    Q4 2017 represented something of a lull: both the number and duration of DDoS attacks were down against the previous quarter. At the same time, the increase in the number of attacks on honeypot traps in the runup to holiday sales indicates that cybercriminals are keen to expand their botnets at the most opportune moment by pressuring owners of online resources and preventing them from making a profit.
  • Every little bitcoin helps


    It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail.
  • Cybercriminals target early IRS 2018 refunds now


    On Monday, Jan 29th, IRS officially opened its 2018 season. Right after two days of the opening, we got phishing messages with a fake refund status websites.
  • Denis and Co.


    In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C. That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling.

in Deutsch

  • Spam and phishing in 2017


    The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts.
  • Bingo, Amigo! Jackpotting: ATM malware from Latin America to the World


    Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind: jackpotting.
  • Zero-day vulnerability in Telegram


    In October 2017, we learned of a vulnerability in Telegram Messenger’s Windows client that was being exploited in the wild. It involves the use of a classic right-to-left override attack when a user sends files over the messenger service.
  • A vulnerable driver: lesson almost learned


    At first, it looked like we’d found a zero-day local privilege escalation vulnerability for Windows, but the sample that was triggering Exploit Checker events turned out to be the clean signed executable file, part of the multiplayer online game.
  • Gas is too expensive? Let’s make it cheap!


    A search online lead me to a discovery I didn’t think was possible nowadays. I realized almost immediately that critical security issues were probably involved. I found that out of the many tens of thousands of gas stations the company claimed to have installed their product in, 1,000 are remotely hackable.
  • BSides NYC, a volunteer organized event put on by and for the community


    Another edition of BSides NYC has passed, and as first time attendee and presenter, I was genuinely impressed with the impeccable organization, the content shared, and the interesting conversations that took place among enthusiasts and professionals from all over the world.
  • DDoS attacks in Q4 2017


    Q4 2017 represented something of a lull: both the number and duration of DDoS attacks were down against the previous quarter. At the same time, the increase in the number of attacks on honeypot traps in the runup to holiday sales indicates that cybercriminals are keen to expand their botnets at the most opportune moment by pressuring owners of online resources and preventing them from making a profit.
  • Every little bitcoin helps


    It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail.
  • Cybercriminals target early IRS 2018 refunds now


    On Monday, Jan 29th, IRS officially opened its 2018 season. Right after two days of the opening, we got phishing messages with a fake refund status websites.
  • Denis and Co.


    In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C. That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling.

Leave a Reply

Your email address will not be published. Required fields are marked *