The developers of the notorious FinSpy spyware are innovating — and thriving

Like any competitive company, a spyware vendor has to innovate when its proprietary data is exposed or stolen. For Gamma Group, the maker of the notorious FinSpy spyware, the definitive moment came in 2014, when it was hacked and information about its software and clients was dumped online. Since then, FinSpy’s authors have revamped big portions of the software, improving the encryption and making the code harder for analysts to parse, according to new research from Kaspersky Lab. The updated spyware implants for iOS and Android have been used in nearly 20 countries in the last year or so across Asia, Europe, and the Middle East, the researchers said Wednesday. In Myanmar, an ongoing campaign has infected several dozen phones. The researchers suspect there are many more victims out there, given how popular FinSpy has been with government clients. “The developers behind FinSpy constantly monitor security updates for mobile platforms and tend to quickly […]

The post The developers of the notorious FinSpy spyware are innovating — and thriving appeared first on CyberScoop.

Who’s Behind the GandCrab Ransomware?

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follows is a deep dive into who may be responsible for recruiting new members to help spread the contagion.

Microsoft Office: The New Hot Target for Hackers

New research finds cybercriminals have changed their focus from web vulnerabilities to Microsoft Office, and it is extremely easy to exploit holes in the popular software. Recent research from Kaspersky Lab reveals 70 percent of the attacks its antivi…

Classified data key to new acquisition approach, Federal CISO says

The strength of a new federal acquisition council on supply-chain security lies in its ability to directly involve classified information in agencies’ decisions to buy products and services, according to a senior White House official. The new regime contrasts with previous “whack-a-mole” approaches that were confined to the unclassified space, Federal Chief Information Officer Grant Schneider said Thursday at the 2019 Security Through Innovation Summit, presented by McAfee. He chairs the nascent interagency Federal Acquisition Security Council, which was established by a law signed by President Donald Trump in December. The law allows classified information to be used to support risk assessments while assuring the intelligence community that data is protected, Schneider added. “The Binding Operational Directive on Kaspersky was completely through open-source [information],” Schneider said, referring to a 2017 federal order that, due to security concerns, banned civilian agencies from using products made by Moscow-based Kaspersky Lab. “If we […]

The post Classified data key to new acquisition approach, Federal CISO says appeared first on CyberScoop.

Brazilian ‘pirates’ sail around two-factor authentication to vex banking sector

For researchers investigating malicious network activity in a given country, scanning hacker forums is like reading tea leaves. The discussion boards can provide insight about which malware is most popular, its likely victims and some clues that can help identify the thieves cashing in. In Brazil, underground bazaars host a bevy of hackers that cybersecurity company Recorded Future has dubbed “pirates” for their willingness to change tactics at any time in order to find easy money. That traditionally could mean flooding a large number of users with text messages and counting on someone to click a link, or using spam to change the domain name settings on local routers. It’s clear now some so-called pirates are capable of more. Skilled Brazilian cybercriminals are able to circumvent two-factor authentication through SIM-swapping, by compromising desktops used for banking, or by directly interfering with the banking sessions, according to research published Tuesday by Recorded Future. The findings illuminate a Brazilian […]

The post Brazilian ‘pirates’ sail around two-factor authentication to vex banking sector appeared first on CyberScoop.

New APT group TajMahal operates as a ‘full-blown spying network,’ Kaspersky says

Researchers have uncovered an advanced persistent threat that for at least five years has used an array of hacking tools and covert automatic updates as part of a hacking campaign that bears little technical similarity to any other APT. The “TajMahal” cyber-espionage group uses software backdoors, audio recorders, keyloggers, screen and webcam grabbers, cryptography key stealers and up to 80 malicious modules as part of a “full-blown spying framework,” according to research published Wednesday by Kaspersky Lab. TajMahal relies on an entirely new base of code that has no similarities to other known malware or APT techniques, helping its operators avoid detection between August 2013 and April 2018, researchers found. “Just to highlight its capabilities, TajMahal is able to steal data from a CD burnt by a victim as well as from the printer queue,” Kaspersky said in a blog post. “It also can request to steal a particular file from […]

The post New APT group TajMahal operates as a ‘full-blown spying network,’ Kaspersky says appeared first on CyberScoop.
