supply-chain attack – Page 8

Free HTTPS Wildcard Certificates Are Now Available

Posted on March 14, 2018 by Lucian Constantin

Not-for-profit certificate authority Let’s Encrypt has started issuing wildcard HTTPS certificates for free, allowing organizations with a large number of web assets to significantly simplify their certificate management. Let’s Encrypt has… Continue reading Free HTTPS Wildcard Certificates Are Now Available→

Flaws in Development Tools Expose Android App Makers to Attacks

Posted on December 6, 2017 by Lucian Constantin

Millions of computers and servers that are used to develop, test and analyze Android applications were put at risk by vulnerabilities in widely used development tools. The flaws were discovered by researchers from Check Point Software Technologies and … Continue reading Flaws in Development Tools Expose Android App Makers to Attacks→

Cybercriminals vs financial institutions in 2018: what to expect

Posted on December 6, 2017 by Yury Namestnikov

During past few years, the number and quality of attacks aimed financial sector organizations has continuously grown. The financial institutions that have not already thought about cyber security, will soon face the consequences of hacker attacks. Continue reading Cybercriminals vs financial institutions in 2018: what to expect→

Kaspersky Security Bulletin: Review of the Year 2017

Posted on December 5, 2017 by David Emm

The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so. To reflect on the impact these events had on organizations and individuals, and consider what they could mean for the overall evolution of the threat landscape. Continue reading Kaspersky Security Bulletin: Review of the Year 2017→

Kaspersky Security Bulletin: Threat Predictions for 2018

Posted on November 15, 2017 by Juan Andrés Guerrero-Saade

Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe. Continue reading Kaspersky Security Bulletin: Threat Predictions for 2018→

Supply Chain Attack Hits Maker of Popular MacOS Apps

Posted on October 20, 2017 by Lucian Constantin

Eltima Software, a maker of popular applications for macOS, had its website compromised by hackers who replaced the installers for two of its applications with trojanized versions. This is the latest in a string of software supply chain attacks that ha… Continue reading Supply Chain Attack Hits Maker of Popular MacOS Apps→

Hackers Distribute Malware-Infected Media Player to Hundreds of Mac Users

Posted on October 20, 2017 by Lucian Constantin

Yet another software supply-chain attack hits popular applications. Continue reading Hackers Distribute Malware-Infected Media Player to Hundreds of Mac Users→

ShadowPad in corporate networks

Posted on August 15, 2017 by GReAT

In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The source of the queries was a software package produced by NetSarang. Our analysis showed that recent versions of the software had been surreptitiously modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker. Continue reading ShadowPad in corporate networks→