A Slice of 2017 Sofacy Activity

Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Continue reading A Slice of 2017 Sofacy Activity

Bingo, Amigo! Jackpotting: ATM malware from Latin America to the World

Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind: jackpotting. Continue reading Bingo, Amigo! Jackpotting: ATM malware from Latin America to the World

IoT lottery: finding a perfectly secure connected device

Being enthusiastic shoppers just like many other people around the world, at Kaspersky Lab we are, however paranoid enough to look at any Internet of Things (IoT)-device with some concern, even when the price is favorable. So we randomly took several different connected devices and reviewed their security set up. Continue reading IoT lottery: finding a perfectly secure connected device

Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

This time of year is an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. Continue reading Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

A Modern Hypervisor as a Basis for a Sandbox

In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code. At Kaspersky Lab, we have several sandboxes, we will look at just one of them that was customized to serve the needs of a specific product and became the basis of Kaspersky Anti Targeted Attack Platform. Continue reading A Modern Hypervisor as a Basis for a Sandbox

Connected Medicine and Its Diagnosis

Results that had been obtained during research that we discussed in a previous article called for a more detailed analysis of the security problem, but now from within medical institutions (with the consent of their owners, of course). The analysis allowed us to work on mistakes and give a series of recommendations for IT experts who service medical infrastructure. Continue reading Connected Medicine and Its Diagnosis

Steganography in contemporary cyberattacks

Today, a dangerous new trend is emerging: steganography is increasingly being used by actors creating malware and cyber-espionage tools. Most modern anti-malware solutions provide little, if any, protection from steganography, while any carrier in which a payload can be secretly carried poses a potential threat. Continue reading Steganography in contemporary cyberattacks

What Interests Children Online

In order to recognize relevant threats, our products collect anonymous statistics about potentially dangerous content that a child encounters. As part of this report, we analyze the collected data in our quest for the answer to the question of what interests the current generation of children online. Continue reading What Interests Children Online

Dridex: A History of Evolution

In the several years that the Dridex family has existed, there have been numerous unsuccessful attempts to block the botnet’s activity. The ongoing evolution of the malware demonstrates that the cybercriminals are not about to bid farewell to their brainchild, which is providing them with a steady revenue stream. Continue reading Dridex: A History of Evolution