We analyzed the statistics we had collected from May to August 2015 and identified three main Trojan families that use root privileges on the device to achieve their goals.
Today I ran into a typical fraud email claiming to come from a U.S. bank but with a twist! Analyzing the attachment, it turns out that there’s no malware inside but instead a new middle step to fool lesser security software.
The main focus of Blue Termite is to attack Japanese organizations, and most of their C2s are located in Japan. The attack is still active and the number of victims has been increasing.
Today, I received this message from a friend living in Mexico via WhatsApp.
“Indicators of compromise” help to use threat data effectively: identify malware and quickly respond to incidents. These indicators are very often included in threat reports. How should information system administrators use this data in practice?
An operating system can be compared to a shield. All additional built-in security capabilities are rivets on the shield. What is more important is the architecture, the principles underlying the OS. This determines whether the shield will be made of paper, plywood or steel.
In Q2 2015, spam accounted for 53.4% of email traffic. The USA (14.6%) and Russia (7.8%) remained the biggest sources of spam. China came third with 7.1%. The Anti-Phishing system was triggered 30,807,071 times on computers of Kaspersky Lab users.
Microsoft releases a new batch of fourteen security updates patching over fifty vulnerabilities, with one of them known to be abused in targeted attacks.
In 2015, many of Darkhotel’s techniques and activities remain in use. However, in addition to new variants of malicious .hta, we find new victims, .rar attachments with RTLO spearphishing, and the deployment of a 0day from Hacking Team.
Old tricks never die, and bad guys know that. We recently saw a big wave of malicious VBE files targeting Brazilian users, distributed via email messages.