Articles

CMS Home Page

  • ATM malware is being sold on Darknet market

    In May 2017, Kaspersky Lab researchers discovered a forum post advertising ATM malware that was targeting specific vendor ATMs. The forum contained a short description of a crimeware kit designed to empty ATMs with the help of a vendor-specific API, without interacting with ATM users and their data. The price of the kit was 5000 USD at the time of research.


  • BlackOasis APT and new targeted attacks leveraging zero-day exploit

    On October 10, 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero-day exploit used in the wild against our customers. The exploit was delivered through a Microsoft Office document and the final payload was the latest version of FinSpy malware. We have reported the bug to Adobe, who assigned it CVE-2017-11292 and released a patch earlier today.


  • ATMii: a small but effective ATM robber

    While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list – Backdoor.Win32.ATMii.


  • The Festive Complexities of SIGINT-Capable Threat Actors

    The 2017 VirusBulletin conference is upon us and, as in previous years, we’re taking the opportunity to dive into an exciting subject, guided by our experience from doing hands-on APT research. This year we decided to put our heads together to understand the implications that the esoteric SIGINT practice of fourth-party collection could have on threat intelligence research.


  • Threat Landscape for Industrial Automation Systems in H1 2017

    Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017.


  • A simple example of a complex cyberattack

    We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it 'Microcin' after microini, one of the malicious components used in it.


  • A Modern Hypervisor as a Basis for a Sandbox

    In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code. At Kaspersky Lab, we have several sandboxes; we will look at just one of them, which was customized to serve the needs of a specific product and became the basis of Kaspersky Anti Targeted Attack Platform.


  • An (un)documented Word feature abused by attackers

    A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content.


  • Where I lived

    Formerly known as Carr's Row,[4] Sandy Row is one of the oldest residential areas of Belfast.[5] Its growth in population was in large part due to the expansion of the linen industry in Rowland Street.[6] The name Sandy Row derived from the sandbank which abutted the road that followed the high-water mark resulting from the flow off the tidal waters of the Lagan River estuary. For over two thousand years, the road along the sandbank was the principal thoroughfare leading south from Carrickfergu...

  • PS Comet

    The original PS Comet

    [Figure: Thurston's illustration, 1878]

    The original PS (Paddle Steamer) Comet was constructed for Henry Bell in 1811, by John Wood, a Port Glasgow shipbuilder, and completed on January 18, 1812. The first passenger vessel built in Europe, PS Comet was a wooden vessel of some 30 tons, about 40 feet in length, and 10 feet in beam, and originally fitted with four paddle wheels, arranged as two on each side, driven by an engine rated at three horsepower. The two sets of twin paddle wheels were later replaced by a single wheel on each side, and the l...
Latest Articles

  • ATM malware is being sold on Darknet market
    willie
    10-17-2017, 12:57 PM
  • BlackOasis APT and new targeted attacks leveraging zero-day exploit
    willie
    10-17-2017, 02:20 AM
  • ATMii: a small but effective ATM robber
    willie
    10-10-2017, 01:03 PM
  • The Festive Complexities of SIGINT-Capable Threat Actors
    willie
    10-04-2017, 03:32 PM
  • Threat Landscape for Industrial Automation Systems in H1 2017
    willie
    09-29-2017, 02:12 AM
  • A simple example of a complex cyberattack
    willie
    09-27-2017, 02:17 AM