About Kaspersky Lab
Interesting news, information and useful information about KL products
Members
3654
Category
Entertainment
LAN sockets in reception areas — unnecessary and dangerous

LAN sockets in reception areas — unnecessary and dangerous

Wired networks are generally considered more secure than Wi-Fi because they require physical access to connected devices. Nevertheless, such networks have their weaknesses, which we examine here.

LAN sockets in hallways and reception areas

Imagine that your company moves to a new office. Minor adjustments are made, perhaps some rooms are repurposed, but the previous tenant’s LAN sockets usually remain in place. After all, opening up the walls and rewiring everything takes time and money. However, some Ethernet ports might not be in the most suitable places. For example, you may find some in reception areas or hallways.

Many...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 118

Transatlantic Cable podcast, episode 118

zJNbFuzY93EvryZ8cL0DXWrTneAOrFyQ.jpg?s=c38778358ad9db18c289ebe2db92c012

As we take on the 118th edition of the Kaspersky Transatlantic Cable podcast, Dave and I look to the future.

The first story is about Ring. Now, we all know about what Ring can do now, but as its relationships with law enforcement grow, are we ready for what the future holds? After that, we stay in the realm of Amazon and the future of Alexa. How would you feel if your virtual assistant had eyes and walked?

From the home space, we move to the air. This story is not “new” news, but it’s something worth keeping an eye on as the UK looks at tightening drone regulation. To close out the podcast, we take a look at healthcare and Google’s Project...

Read more...
About Kaspersky Lab
0
Cheat or death? The secret world of malware-like cheats in video games

Cheat or death? The secret world of malware-like cheats in video games

Fortnite? Overwatch? League of Legends? If you’ve heard of these games but don’t know an aim-bot from a wall-hack (let alone ESP), read on to understand why some ordinary folks feel like a fish out of water in competitive matches — and why that matters.

Yg3i6OYrx5AY2jf_Ng2_VHCzHOlpNXIA.jpg?s=a9d808093ee574276e10a01521c03403

As of 2018, video games represent one of the most lucrative businesses in the world, generating more than $43 billion in revenue in the United States alone. An entire media ecosystem has sprung up around the gaming industry, with e-sports or electronic sports tournaments broadcast on cable television attracting nearly 400 million viewers each year. Streaming platforms...

Read more...
About Kaspersky Lab
0
Beware of fleeceware

Beware of fleeceware

Remember how Pulp Fiction hitman Vincent Vega wanted to try a milkshake simply because it cost a whopping $5? That’s a completely normal reaction — many people automatically associate high price with some extraordinary quality. So, if they can sample an expensive product free, even those who don’t plan to buy are interested. Some smartphone app developers take advantage of this human trait.

01KWIi7vb3Vchd0fC--JQ6py8fHPC_jt.jpg?s=96dc9c680347e62ad16854f3a238b547The cost of curiosity

In late September, infosec researchers found a collection of calculators, QR code scanners, photo enhancers, and other programs with basic functionality on Google Play at clearly inflated subscription prices of up to €200 per month. The apps had been...

Read more...
About Kaspersky Lab
0
Terminator 6/3: Sarah Connor and a bag of chips

Terminator 6/3: Sarah Connor and a bag of chips

By the time this post goes online, Terminator: Dark Fate will have hit movie theaters worldwide. The creators of the film decided against giving it a version number, but it is the sixth movie in the franchise and completely discards the plots of the last three, so we’ll call it Terminator 6/3. In terms of practical information security, it contains only one real moment of interest: when the understandably paranoid Sarah Connor attempts to evade cell-phone tracking.

The thing is that Sarah, who has problems with the authorities in several (more precisely, all 50) U.S. states, carries her phone in an empty bag of potato chips. Her rationale...

Read more...
About Kaspersky Lab
0
Challenges and opportunities for European MSPs

Challenges and opportunities for European MSPs

With ongoing digital transformation and transition to cloud infrastructure, outsourcing of IT services and IT security in particular is on the rise. To get a better picture of current challenges and opportunities for MSPs across Europe, our experts conducted a survey of European MSP employees from the UK, France, Germany, Spain, Italy, Austria, Sweden, and Denmark. From this survey as well as the analytics of our annual online survey of business IT decision-makers, “Kaspersky Corporate IT Security and Risks Survey 2019,” they compiled “Maintaining MSP Momentum: Challenges and opportunities in an evolving IT security landscape.” Here are some...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 117

Transatlantic Cable podcast, episode 117

weABbn9Ber2VVlRTMDe3eHXyVus2KpEj.jpg?s=00ad15544e6c233738c3137b790a909f

For the 117th episode of the Kaspersky Transatlantic Cable podcast, Dave and I change things up a bit. Instead of a 20-minute episode, we go a bit longer to talk with Santiago Pontiroli, one of the researchers from the Kaspersky Global Research and Analysis Team (GReAT).

Our first story relates to the United States and the energy sector. The issue in the story is tied to an energy company that suffered a cyberattack on its firewalls.

From Arizona, we head across the Atlantic to Eurasia. In this story we look at the impact of Bitcoin mining in the Republic of Georgia. Many are hung up on the environmental impact, but what if the energy is...

Read more...
About Kaspersky Lab
0
Chrome in the zero-day crosshairs

Chrome in the zero-day crosshairs

Thanks to the Kaspersky Exploit Prevention subsystem in our products, we recently detected an exploit — a malicious program letting attackers gain unauthorized access to the computer — through a vulnerability in the Google Chrome browser. It used a zero-day vulnerability, that is, one that was yet unknown to the developers. It was assigned the identifier CVE-2019-13720.

We reported the vulnerability to Google, which fixed it in the latest Chrome update. Here we describe how the attack that uses this vulnerability unfolds.

eEkyxszBXaWOJSJNNc6Ev6w96FoS6le_.jpg?s=4b940be4802d944ceaf7d1834504ca32WizardOpium: Bad news in Korean

The attacks, which we labeled Operation WizardOpium, began from a Korean news site where the...

Read more...
About Kaspersky Lab
0
Finding out what data apps really collect

Finding out what data apps really collect

Most apps collect some information about the user. Sometimes, they really need such data to operate: For example, a navigation app requires your positioning information to build a convenient route for you. Developers often use information about you to monetize or improve their service — with your prior consent. For example, they may collect anonymous statistics to find bottlenecks in their app and understand along what avenue it needs to be developed.

38yU_Gc1XhK6nEJWzsAJch5NBuJ5-hS4.jpg?s=b6b56a649ebc0e4826ae46e7083f6cb4

But some developers may abuse your trust by stealthily collecting information unrelated to their app’s functionality and by selling your data to third parties. Fortunately, you can use a couple of...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 116

Transatlantic Cable podcast, episode 116

mnIKOdKcwW1JjCVc1SsRla9BBRlOhu5R.jpg?s=a4e802f2a6cfeb22eedd1e8e22d1722d

This week on the Kaspersky Transatlantic Cable podcast, Dave and I talk about a number of stories that tie back to the police theme.

To kick off episode 116, we take a look at a story within the automotive space. There, the author puts on his cybersleuthing hat to figure out that the license plates of cars used in photos would show up in Google search results.

The second story jumps more into the political arena, and conversation surrounding Facebook and a privately funded public police force. We stay on the topic of laws when we discuss the recent news of the FTC looking for consent with stalkerware apps. For our fourth story, we look at a...

Read more...
About Kaspersky Lab
0
A 30-year cybermaze, from the Cascade virus to recent days

A 30-year cybermaze, from the Cascade virus to recent days

A long time ago, in a galaxy far away viruses were created not for profit, but for somewhat perverse fun. And on MS-DOS. And there were very few of them. So, well, things were completely different. Among the first malware was a notorious virus called Cascade, which caused symbols to fall to the bottom of the screen, making work on the infected computer nearly impossible.

fzb9S9-lYcWxUE-KaNPCmJ4F3AY4cRbx.png?s=0c2658dc13563dd5c5d69139f45c9b09

Cascade was the first virus that Eugene Kaspersky ever encountered. It was 30 years ago, in 1989, and it changed his life completely. He disassembled the virus and wrote a tool that helped remove it. The tool became popular among his friends and acquaintances,...

Read more...
About Kaspersky Lab
0
The cybersecurity of the Terminator

The cybersecurity of the Terminator

The latest Terminator movie is set to hit the big screen. According to its creators, its plot is a continuation of the seminal Terminator 2: Judgment Day, with all installments in-between relegated to an alternative branch of reality. In general, the idea of an AI rebellion is clearly an information security problem, so we decided to examine the movie’s cyberlandscape. Our focus will be on the first two films in the franchise.

5lx-iIIUVPwyKlLyR41Gm4ocsFoyPO1s.jpg?s=9f5f08f6958837cf05fe17d102ceba24The Terminator

Let’s get this out of the way: We have no issues with the Terminator itself. The metalhead strictly follows its programming and displays savvy and flair in tracking down Sarah Connor. Keep in mind that the first...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 115

Transatlantic Cable podcast, episode 115

R8xa5N1NTqthNje1ts7EdtR64mSmPNzU.jpg?s=6135b8486bc2cbcad7a65464b46006cf

The 115th installment of the Kaspersky Transatlantic Cable podcast takes a look at a wide range of stories from phishing devices in your home to the US military.

To kick things off, we look at some new research tied to Google Home and Amazon Alexa devices. This one is more of a proof of concept for malicious apps phishing from a smart device already in homes.

From there, we stay on the topic of Google and move from smart home devices to smart devices. This time, it’s the new Pixel, which has some issues with its face unlock feature. From smart devices, we jump over to the military, where the US Air Force is bidding happy trails to 8-inch floppy...

Read more...
About Kaspersky Lab
0
Threat Intelligence Portal: We need to go deeper

Threat Intelligence Portal: We need to go deeper

I understand perfectly well that for 95% of you this post will be of no use at all. But for the remaining 5%, it has the potential to greatly simplify your working week (and many working weekends). In other words, we’ve some great news for cybersecurity pros – SOC teams, independent researchers, and inquisitive techies: the tools that our woodpeckers and GReAT guys use on a daily basis to keep churning out the best cyberthreat research in the world are now available to all of you, and free at that, with the lite version of our Threat Intelligence Portal. It’s sometimes called TIP for short, and after I’ve said a few words about it here,...

Read more...
About Kaspersky Lab
0
6 accounts you should never abandon

6 accounts you should never abandon

Can you recall every online service account you have? Maybe you signed up to access some content or because a friend asked you to, then lost interest. Many users simply stop logging in and don’t bother to delete their accounts. The accounts sit there, dormant, waiting to be hacked — but if they are, you won’t know about it anytime soon, if ever.

clRJpnmWSKrdOCxzTJ1z7b6y79uvM1Co.jpg?s=fcb6c9d744bff7667cf51c30783cd91aAbandoned account: What could go wrong

Does it really matter what happens to an unwanted profile, though? If it gets hacked, so what? You didn’t need it anyway. However, in some cases, an abandoned account can be exploited to gain access to resources and important information that you do need. Here’s what you...

Read more...
About Kaspersky Lab
0
Risk management as the essential skill for a CISO

Risk management as the essential skill for a CISO

Last year, looking at feedback from my colleagues on the industry’s focus and issues, I had mixed feelings. A year later, it turns out the results of our new survey (available below) are even more interesting.

The very first impression you get as you look at the results of these two studies is this: Information security in general, and the role of CISO in particular, are becoming more and more important for business — at least, according to roughly 300 of my infosec peers. Definitely a good sign. So is the fact that more and more respondents have listed “risk management” and other business skills among the essential ones for their role.

isY96HR3OQRq9jTeiWgfkBaZmi9sSBBb.jpg?s=24998bae3bfcf3d5dc02ae0ed89c1aa6
Read more...
About Kaspersky Lab
0
Air alert: 8 dangerous drone incidents

Air alert: 8 dangerous drone incidents

Civilian UAVs are used increasingly frequently for photo and video shooting, cargo delivery, search-and-rescue operations, and other purposes. In the interests of safety — of both the drones and their surroundings — some countries have already introduced rules and restrictions on their use. Alas, not all UAV owners know or follow them. And, like any electronic devices, drones can sometimes get out of hand. What are the potential consequences? Here are some examples.

isAXoZf2_ZhhqLJfz2cftbc6Hfv-k9Ph.jpg?s=c3338bab9af2ac8b025934b9247ff78eWhite House down?

In January 2015, a drone crashed right on the lawn in front of the White House in Washington, D.C. An inebriated government officer had flown the drone from an...

Read more...
About Kaspersky Lab
0
Kaspersky Antidrone: What it’s for and how it works

Kaspersky Antidrone: What it’s for and how it works

Today, hundreds of civil drone models are available for sale — from fairly simple toys to impressive aircraft built to carry substantial weight. Most of them are used for entertainment or aerial video. But, as is the case with almost all technologies, sooner or later someone puts them to malicious use. That creates demand for systems to get rid of unwelcome aerial presence. Demand, in turn, breeds supply, and our enthusiasts have developed a solution called Kaspersky Antidrone.

hK12LWBc679SQjPrVo9u6ppE8DittkUV.jpg?s=5cdc1df2d31134dcf74cb081ee9e2bedHow can one be wronged by a drone?

To begin with, any civil UAV is, above all, a remotely controlled camera. Naturally, the world has already seen reports of...

Read more...
About Kaspersky Lab
0
5 things we learned at Kaspersky NEXT

5 things we learned at Kaspersky NEXT

This year’s Kaspersky NEXT event showcased research and discussions from some of Europe’s most prominent experts in the field of cybersecurity and artificial intelligence. From machine learning and AI right through to securing the IoT, here are five things we learned about at this year’s event, which took place in Lisbon on October 14.

5oDnd50uJkFZM_cUoJ2IEVX-_YmcMaDb.jpg?s=4ffd386179ca4f44eb8113fe1a9cb67eUsing AI to make the world more fair

Have you ever thought about how many decisions machines have made today? Or how many of those decisions were based on gender, race, or background? Chances are you don’t even realize just how many decisions are made by artificial intelligence instead of a human. Kriti Sharma,...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 114

Transatlantic Cable podcast, episode 114

LttpQ9x0-RLK7vZlyugZeQartjHrjrPT.jpg?s=b995ef96e5336fd5dd97bc69befd7d4c

After a two-week hiatus, Dave returns for the 114th installment of the Kaspersky Transatlantic Cable podcast.

We open the episode looking at the latest news on the Facebook front. Unlike most of our podcasts, the focus won’t be on privacy snafus. Instead, we will look at the latest news with Facebook’s Libra. Following up on that, we head across California to Google. In this week’s story, the focus is on the privacy surrounding smart speakers and whether owners should disclose their presence to guests in the house.

The third story has us jumping to a more global scale, where ATM jackpotting is once again in the spotlight. This time, it is Cutlet...

Read more...
About Kaspersky Lab
0
“Puss in Boots” APT campaign

“Puss in Boots” APT campaign

Have you ever thought about what your answer would be if your precocious child asked, “What’s a politically motivated APT attack?” In fact, it’s straightforward. Just dust off your copy of Charles Perrault’s Puss in Boots and read it together with an eye on the cybersecurity aspects. After all, if we ignore the artistic liberties, such as a talking cat and ogres, the tale represents a marvelous example of a complex multivector APT attack against a (fictional) government. Let’s unpick this cybercrime together.

juM2MfxP8OK7vPxOdR6yUICPvYeRiVhG.jpg?s=5708e8fceaa93296748494bb5ed6868b

The tale opens with a miller posthumously leaving everything to his sons. The youngest son’s share of the inheritance includes the contact details of a...

Read more...
About Kaspersky Lab
0
Corporate phishing under the guise of performance appraisals

Corporate phishing under the guise of performance appraisals

In pursuit of business account credentials, cybercriminals are devising new ways to trick employees onto phishing sites. Previous spam campaigns have used SharePoint invitations and voice messages as bait.

Recently, our experts uncovered another phishing scheme in which cybercriminals try to mimic the performance appraisal process of the target company. The attack is twofold: Recipients think that the appraisal (a) is mandatory and (b) can lead to a pay raise. It’s worth noting that in some companies such appraisals are a routine part of the salary revision process and that’s why they don’t raise any suspicions.

It all begins,...

Read more...
About Kaspersky Lab
0
Transatlantic Cable podcast, episode 113

Transatlantic Cable podcast, episode 113

MhV8hH7D57ffEgrcPGeeyZWNawaMgA9o.jpg?s=de3750368ec055918f2f427759b41542

For episode 113 of the Kaspersky Transatlantic Cable podcast, I fly solo because Dave is still on holiday. We will return to our regularly scheduled programing in next week’s edition.

To kick off the episode, I discuss the latest snafu from Twitter, where verification numbers and e-mails may have been added to the company’s Tailored Audience program.

Twitter is still short on details, but this is a story that’s definitely worth keeping an eye on.

The second story looks at the latest round of Governments vs. Facebook & Encryption. We talk about this topic quite a bit, but it is one that comes back over and over as governments try to find their...

Read more...
About Kaspersky Lab
0
Protecting public clouds from common vulnerabilities

Protecting public clouds from common vulnerabilities

Many businesses already utilize a cloud environment that consists of on-premises private cloud and public cloud resources — a hybrid cloud. However, when it comes to cybersecurity, companies tend to focus more on protection of physical or virtualized environments, paying much less attention to the part of their infrastructure that resides in public clouds. Some of them are sure that cloud providers should be responsible for the protection; some think that public clouds are secure by design, and so not requiring any additional protection. But both those hypothesis are erroneous: public clouds are as much prone to software vulnerability...

Read more...
About Kaspersky Lab
0
Helping the victims of Yatron and FortuneCrypt ransomware

Helping the victims of Yatron and FortuneCrypt ransomware

Ransomware has been and remains a big headache for both users and experts alike. It is not a simple task to recover files encrypted by ransomware, and in many cases it’s impossible. But we have good news for the victims of Yatron and FortuneCrypt malware: Kaspersky experts have developed and published decryptors for the files this particular malware encrypts.

amAh1eIoq-7LRPlnMKao2wyxmX12g8uv.jpg?s=f4944a471c4dafce8e56557ac18894e1How to decrypt files encrypted by Yatron

Yatron ransomware is based on another encryptor, Hidden Tear, which has an unusual story. A few years ago, Turkish researcher Utku Sen created this malware for educational and research purposes and uploaded the source code to the...

Read more...
About Kaspersky Lab
0