ATM malware is being sold on Darknet market

by Konstantin Zykov
17 Oct 2017 at 9:00am
In May 2017, Kaspersky Lab researchers discovered a forum post advertising ATM malware that was targeting specific vendor ATMs. The forum contained a short description of a crimeware kit designed to empty ATMs with the help of a vendor specific API, without interacting with ATM users and their da...

BlackOasis APT and new targeted attacks leveraging zero-day exploit

by GReAT
16 Oct 2017 at 2:28pm
On October 10, 2017, Kaspersky Lab's advanced exploit prevention systems identified a new Adobe Flash zero day exploit used in the wild against our customers. The exploit was delivered through a Microsoft Office document and the final payload was the latest version of FinSpy malware. We have repo...

ATMii: a small but effective ATM robber

by Konstantin Zykov
10 Oct 2017 at 9:00am
While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list: Backdoor.Win32.ATMii.

The Festive Complexities of SIGINT-Capable Threat Actors

by Juan Andrés Guerrero-Saade
4 Oct 2017 at 10:00am
The 2017 VirusBulletin conference is upon us and, as in previous years, we're taking the opportunity to dive into an exciting subject, guided by our experience from doing hands-on APT research. This year we decided to put our heads together to understand the implications that the esoteric SIGINT ...

Threat Landscape for Industrial Automation Systems in H1 2017

by Kaspersky Lab ICS CERT
28 Sep 2017 at 12:00pm
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.

A simple example of a complex cyberattack

by Vasily Berdnikov
25 Sep 2017 at 12:23pm
We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious cam...

A Modern Hypervisor as a Basis for a Sandbox

by Vyacheslav Rusakov
19 Sep 2017 at 10:00am
In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code. At Kaspersky Lab, we have several sandboxes, we will look...

An (un)documented Word feature abused by attackers

by Alexander Liskin
18 Sep 2017 at 9:00am
A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content.

Connected Medicine and Its Diagnosis

by Denis Makrushin
13 Sep 2017 at 9:00am
Results that had been obtained during research that we discussed in a previous article called for a more detailed analysis of the security problem, but now from within medical institutions (with the consent of their owners, of course). The analysis allowed us to work on mistakes and give a series...

Miners on the Rise

by Evgeny Lopatin
12 Sep 2017 at 9:00am
Over the last month alone, we have detected several large botnets designed to profit from concealed crypto mining. We have also observed growing numbers of attempts to install miners on servers owned by organizations. When these attempts are successful, the companies' business processes suffer be...
