Vulnerabilities and exploits – Page 21

Analyzing an exploit for СVE-2017-11826

Posted on October 26, 2017 by Boris Larin

The latest Patch Tuesday (17 October) brought patches for 62 vulnerabilities, including one that fixed СVE-2017-11826 – a critical zero-day vulnerability used to launch targeted attacks – in all versions of Microsoft Office. The exploit for this vulnerability is an RTF document containing a DOCX document that exploits СVE-2017-11826 in the Office Open XML parser. Continue reading Analyzing an exploit for СVE-2017-11826→

BlackOasis APT and new targeted attacks leveraging zero-day exploit

Posted on October 16, 2017 by GReAT

On October 10, 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero day exploit used in the wild against our customers. The exploit was delivered through a Microsoft Office document and the final payload was the latest version of FinSpy malware. We have reported the bug to Adobe who assigned it CVE-2017-11292 and released a patch earlier today. Continue reading BlackOasis APT and new targeted attacks leveraging zero-day exploit→

BlackOasis APT and new targeted attacks leveraging zero-day exploit

Posted on October 16, 2017 by GReAT

Neutralization reaction

Posted on August 25, 2017 by Kaspersky Lab

Corporate information security services often turn out to be unprepared: their employees underestimate the speed, secrecy and efficiency of modern cyberattacks and do not recognize how ineffective the old approaches to security are. And if there is no clear understanding of what sort of incident it is, an attack cannot be repelled. We hope that our recommendations about identifying incidents and responding to them will help information security specialists create a solid foundation for reliable multi-level business protection. Continue reading Neutralization reaction→

IT threat evolution Q2 2017

Posted on August 15, 2017 by David Emm

The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry. Continue reading IT threat evolution Q2 2017→

IT threat evolution Q2 2017. Statistics

Posted on August 15, 2017 by Roman Unuchek

According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world. Continue reading IT threat evolution Q2 2017. Statistics→

A King’s Ransom It is Not

Posted on July 20, 2017 by GReAT

The first half of 2017 began with two intriguing ransomware events, both partly enabled by wormable exploit technology dumped by a group calling themselves “The ShadowBrokers”. These WannaCry and ExPetr ransomware events are the biggest in the sense that they spread the quickest and most effectively of known ransomware to date. Continue reading A King’s Ransom It is Not→

Schroedinger’s Pet(ya)

Posted on June 27, 2017 by GReAT

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. Our investigation is ongoing and our findings are far from final at this time. Despite rampant public speculation, the following is what we can confirm from our independent analysis. Continue reading Schroedinger’s Pet(ya)→

SambaCry is coming

Posted on June 9, 2017 by Mikhail Kuzin

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for *nix-based systems – EternalRed (aka SambaCry). On May 30th our honeypots captured the first attack to make use of this particular vulnerability, but the payload in this exploit had nothing in common with the Trojan-Crypt that was EternalBlue and WannaCry. Continue reading SambaCry is coming→