1297 articles
An Indian-speaking threat actor, Dropping Elephant chooses targets mainly in the Asian region, paying particular attention to Chinese government/diplomatic organizations – and also to foreign embassies and diplomatic offices in China.
Despite the persistent myth of security-by-default, virtual infrastructures need protection every bit as much as physical ones. Almost all existing threats are relevant for virtual machines, too.
Spanish magazine Red Seguridad recently granted an award to the Kaspersky CyberSafety Management Games training program.
Security should be multilayered, and use of allowlists is appropriate as one of the security levels.
Information security experts have long been sounding the alarm about the poor defense of industrial systems, and of critical infrastructure systems in particular. Time to start
It now appears the number of servers bought and sold via xDedic might have been underestimated; it’s likely many more IPs have been compromised by xDedic players.
Securelist just released a new cyberespionage campaign alert, code-named “Operation Daybreak.”
Kaspersky Lab has lately researched an active cybercriminal trading platform xDedic. The main purpose of the xDedic marketplace is to facilitate buying and selling credentials of more than 70,000 hacked servers from all around the world.
Theoretically, every business should have already learned how to protect itself against ransomware. Actually it’s not the case.
ATMs and point-of-service systems are extremely vulnerable to malware — and software vendors are no longer patching them. Here’s how to make them safer.
A vulnerability affecting all versions of Windows since Windows 2000 through Windows 10 might have been discovered. It’s still uncertain, however.
Although the history of Microsoft Windows XP seemed to end in April 2014, the operating system was not completely gone; many embedded devices still ran Windows XP Embedded Service Pack 3, and as such they were dependent on its security updates.
One of the most popular techniques used to penetrate corporate defenses is the use of vulnerabilities found in working software, which, in fact, do not need to be brand-new 0-days.
In a highly surprising move, the notorious Teslacrypt authors have wrapped up their operation and released the ransomware’s master key.
The late April was especially “rich” with news related to bugs, attacks and Android-targeting malware.
An update to RannohDecryptor now allows to beat a newer version of CryptXXX too.
Gartner’s Magic Quadrant is a tool that helps to choose which vendor fits organizations best for a particular business purpose. It is designed for CIO’s, decision makers, and IT-security specialists of the businesses.
A new APT group is seen to have been exploiting hotpatching, a now-deprecated feature in Windows operating systems, to carry out their attacks.
Locky and Petya ransomware strains took the world by storm when they shouldn’t be successful at all.
Securelist has released a new report on DDoS attacks in the first quarter of 2016.
APT
Kaspersky Endpoint Security for Business
CISO
Ransomware
ddos