Kaspersky official blog

Kaspersky Lab experts analyze the security and privacy trends that emerged in 2014, including anonymous Tor browsing, ransomware, APT attacks and more.

Kaspersky Lab experts make predictions about what trends will emerge in the security industry in 2015.

Kaspersky Lab has gathered stats on the cyberthreats in 2014. The figures are appalling, but they don’t spell out doom and gloom. It is all about awareness.

Electronic devices becoming so smart that they take over mankind is a recurring theme in sci-fi. Chronophobia and futurophobia are widespread, too. But what’s the point of being afraid? Security in the coming age of Smarternet requires awareness and attention.

Kaspersky Lab released its new IT Threat Evolution Q3 2014 report, dedicated to the most important security incidents and trends in the cybersecurity sphere. It may seem like attacks are increasing more rapidly than ever, but it’s detection rates that are growing.

Microsoft has patched yet another bug in OLE, this time one that’s 19-years-old. While it is extremely surprising this bug hadn’t been discovered earlier, the crucial question here is the use of the underreviewed legacy code that developers have to drag along for decades.

Today’s software packages have become so huge and complex that stacks of patches issued one after the other are increasingly common. This has consequences for system administrators.

Linux bugs may affect or directly threaten entire virtualization infrastructures: Whatever OS is used on VMs, an attack on a hypervisor is possible from both the outside and inside, and exploitation of the dreaded Shellshock vulnerability on Linux-based hypervisors is a possibility, too.

Vulnerabilities vary. Some are considered critical, some – less problematic; their severity is determined by a few well-known factors such as ease of exploitability and popularity of software. But, no matter their differences they all require serious attention at a constant level, so that when the next Shellshock-like incident occurs, it won’t take cybersecurity world by surprise.

The recent developments with “big bugs” such as Heartbleed and Shellshock created a global security strain, with many questions emerging. Both bugs were open-source software-related, but indirectly they would constitute a threat to Windows-based infrastructure. In this post we review a few scenarios of an attack on mostly Windows-based network with Linux servers at certain points.

2014 is making its way into Cybersecurity history books with two global-scale software bugs discovered over 6 months. They are obviously not the last ones, and it is actually a good thing.

It’s been a day since the BashBug aka Shellshock bug was disclosed. What real damage has been inflicted and who is most in danger?

The Bash vulnerability affecting Unix, Linux and OS X systems is the latest Internet-wide bug to emerge, and a number of experts are saying it’s more dangerous than OpenSSL Heartbleed.

A new nasty bug discovered in Bourne again shell set the infosec on fire, Heartbleed-style. Is it as dangerous as the notorious OpenSSL flaw? It depends…

It’s been years since we’ve last heard of any large worm epidemics. Does it really mean that malware epidemics have gone away for good?

A large number of logins and passwords to accounts in several free email services – Mail.ru, Yandex and Gmail.com – had been leaked. Once again, passwords prove to provide insufficient protection. What does it mean for businesses?

Read highlights from our top posts in August.

Can we beat software vulnerabilities? It is not possible to do so completely, but there are ways to mend the issue.

Community Health Systems breach exposes the Social Security numbers of 4.5 million patients. Were you a victim? If so, how do you react?

Unpatched flaws in Android make your device vulnerable to “Invisible” infection. You better find out now in order to protect yourself.

Kaspersky Lab has just released a new report on the evolution of threats in Q2. Banking Trojans grow in numbers (and the level of danger they pose), while Russia remains the most malware-attacked country.