Life of the Kaspersky Lab
Interesting news and useful information about KL life and products
Members
3347
Category
Entertainment
GReAT, Ask Them Anything 2.0

GReAT, Ask Them Anything 2.0

A lot has changed over the past four years. We’ve seen major ransomware and wipers take the Internet by storm. Empires of bots have done everything from mining crypto to helping change how people vote. And business travel has come to a standstill thanks to a viral enemy that caused a global pandemic.

As they say, what a time to be alive.

You know what hasn’t changed? Kaspersky’s Global Research and Analysis Team (GReAT) and its quest to help keep the good guys one step ahead of the bad ones in the virtual and physical world.

What does that have to do with four years ago? Well, my dear readers, let me tell you.

A bit over four years ago, I wrote on this very...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 168

Transatlantic Cable podcast, episode 168

In the latest episode of the Kaspersky podcast, we look into recent news about Donald Trump’s campaign website being hacked — briefly — to promote a cryptocurrency scam. It was only a single page, but the hack comes at a critical time in the US election cycle.

From there, we move on to a story about a psychotherapy clinic in Finland that was hacked. Patients are now finding their details on the dark web, and some have been contacted by an elusive individual called “The Ransom Guy.”

To wrap up, we look at a case of fake news in the retail sector. Anyone familiar with the dearly departed Woolworths chain knows it went under in 2008 — but that didn’t...

Read more...
Life of the Kaspersky Lab
0
Phishing through e-mail marketing services

Phishing through e-mail marketing services

Scammers have used various tricks over the years to bypass antiphishing technologies. Another scheme with a high success rate for delivering phishing links to targets is to use e-mail marketing services, also known as e-mail service providers (ESPs) — companies that specialize in delivering e-mail newsletters — to send messages. According to statistics we’ve obtained from our solutions, the method is gaining momentum.

Why ESP-based phishing works

Companies that are serious about e-mail threats thoroughly scan all e-mail — with antivirus, antiphishing, and antispam engines — before letting messages reach users’ inboxes. The engines not only scan...

Read more...
Life of the Kaspersky Lab
0
Windows XP source code leak: Tips for businesses

Windows XP source code leak: Tips for businesses

In late September, news broke that the source code for Windows XP had leaked online. A torrent file for downloading the operating system code was published on an anonymous forum, and it spread webwide quickly. Although Web analytics service StatCounter estimates that fewer than 1% of all computers actually run Windows XP, that still represents millions of devices globally.

Why a Windows XP source code leak is bad news

Microsoft discontinued support for Windows XP way back in 2014, so anyone still using it in 2020 is taking a big risk; Microsoft will never patch the new vulnerabilities that continue to pop up. The company makes one...

Read more...
Life of the Kaspersky Lab
0
Five life hacks for Netflix users

Five life hacks for Netflix users

With its vast content library, including original shows, all at an affordable price and without ads, not for nothing is Netflix one of the most popular streaming services in the world. That said, nothing is perfect: Navigating Netflix’s catalog can be a pain; movies have a tendency to disappear every now and then; and in many countries certain content is wholly inaccessible. However, none of those issues is insurmountable. Here’s how you can overcome them.

How to find hidden content categories

Netflix lets you search for content by various parameters: title, cast, genre, and so forth. If you’re looking through movie titles and actors’ names, that’s...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 167

Transatlantic Cable podcast, episode 167

Who would have thought that an episode of this podcast would start with Robin Hood? Well, you don’t have to go far; that’s exactly where we kick off this episode of the Transatlantic Cable podcast.

Our first story of the week takes a look at some Robin Hood types who, after using ransomware to steal from corporations, then donate a small fraction of the stolen money to nonprofit organizations. Sorry, but I am not going to call these guys heroes just yet.

From there, we head to the sky, to British Airways being hit with a record-setting GDPR fine. Sticking with travel news, Carnival Cruise Lines and some of its subsidiaries have been navigating...

Read more...
Life of the Kaspersky Lab
0
Training by security console

Training by security console

The notable shortage of cybersecurity specialists on the market in recent years has become particularly problematic in 2020. The pandemic, which has led to a widespread shift to remote working, has also highlighted the need to change security strategies at many companies. Even small firms have realized that the skills of their IT administrators are no longer sufficient to ensure business continuity and protect corporate information.

Management faces a choice: Hire an additional information security specialist or provide specialist advanced training to existing IT staff. Both approaches have merit, but the second is where we can help you out.

The changed...
Read more...
Life of the Kaspersky Lab
0
Leaky images and other foibles of office documents

Leaky images and other foibles of office documents

Reports, articles, marketing materials — all are document types most of us handle at some point. We write and edit them on computers, e-mail them to colleagues or friends, share them in the cloud, hand them to clients, and so much more.

If a file you intend to show to others contains information they shouldn’t see, however, you could run into problems. Let’s figure out how to prevent that.

Capricious images

Secrets such as passwords in the background often show up in images, and by no means do all editing tools get rid of them properly. For example, even if you thoroughly blur over sensitive information with a semitransparent brush,...

Read more...
Life of the Kaspersky Lab
0
Collaboration tools from a security perspective

Collaboration tools from a security perspective

For many companies, the mass transition of staff to remote working created a need for new tools. Years of fine-tuning employee interaction mechanisms went down the drain overnight as IT departments scrambled to deploy market-ready collaboration solutions. These solutions aroused no less interest among cybercriminals, who smelled an opportunity to gain remote access to companies’ information systems and spread malware through corporate networks.

New threat landscape

The problem with collaboration solutions is that at any moment they can be turned into vehicles for spreading infection across the corporate network. Just one negligent employee...

Read more...
Life of the Kaspersky Lab
0
Innovation in enterprise

Innovation in enterprise

It is no secret that business cannot survive without innovation. To gain competitive advantage, companies must continually develop, introducing new processes, new technologies, new tools. Wholesale digitalization has affected innovation in at least two ways. On the one hand, it has prepared the ground to ease the way for the adoption of new ideas. On the other, it has opened the door to new threats by complicating IT infrastructure.

Our colleagues investigated enterprise-level attitudes toward innovations: how they are implemented and what hinders the process. To do so, with the help of independent research company Savanta, they interviewed more than 300...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 166

Transatlantic Cable podcast, episode 166

We kick off this week’s edition of the Transatlantic Cable podcast by looking at an active scam in the UK. As if 2020 was not bad enough, now people need to be on the lookout for scams that are targeting them with travel and refunds that are more prevalent with everyone at home due to COVID-19 — and the impact on people’s wallets is continuing to get bigger.

From there, we jump across the Atlantic to Springfield, Massachusetts, whose school system was hit with ransomware. The only ones happy in this story were the kids who got an impromptu snow day.

We stay in the US for our third story, this about Google’s sharing of crime-related search data...

Read more...
Life of the Kaspersky Lab
0
How to choose a truly free smartphone game

How to choose a truly free smartphone game

Wherever and whenever you want to play, mobile games are there for you. You can occupy yourself on the subway or while waiting in line at the doctor’s office by battling in Fortnite or PUBG, or you can spend your lunch break gathering resources in Clash of Clans. What’s more, many developers provide such entertainment free.

Indeed, you’ll find many free-to-play mobile games in your app store, although among the greats lurk plenty that are more annoying than fun, filling your screen with ads, recommending payment every step of the way, even in some cases not appearing to do anything at all (while downloading a bunch of useless or outright...

Read more...
Life of the Kaspersky Lab
0
Transaction and account security tips for eBay

Transaction and account security tips for eBay

eBay is one of the most popular marketplaces in the world, and one of the reasons is that it’s generally safe and reliable. But when you engage in monetary transactions, you always assume the risk of losing money as a result of fraud or negligence, to name just two causes. What can you do to protect yourself as much as possible from fraud and deception when using eBay?

eBay’s increasing number of measures to ensure its users’ security is representative of a general trend. The site has programs to protect both buyers and sellers. The programs recommend some clear risk-minimizing practices. Nevertheless, it does not hurt to once again list...

Read more...
Life of the Kaspersky Lab
0
MontysThree: Industrial cyberspy

MontysThree: Industrial cyberspy

Our experts have found traces of activity of a new cybercriminal group that spies on industrial enterprises. The crooks are carrying out targeted attacks, using a tool that our researchers call MontysThree, looking for documents on victims’ computers. The group appears to have been active since at least as far back as 2018.

How MontysThree infects computers

The cybercriminals use classic spear-phishing techniques to penetrate victims’ computers, sending e-mails containing executable files that look like documents in .pdf or .doc format to employees of industrial enterprises. Such files are typically named “Corporate data update,” “Technical...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 165

Transatlantic Cable podcast, episode 165

The SAS is here — digitally, of course; it is 2020, after all. To kick off the latest iteration of the Transatlantic Cable podcast, Dave and I chat about a topic presented at the conference.

We begin with Mark Lechtik, Igor Kuznetsov, and Yury Parshin’s research on MosaicRegressor. This new malware uses a UEFI foothold to plant a second, more traditional piece of spyware on a target computer’s hard drive.

From there, we jump to the state of New Jersey, where a hospital hit with a ransomware attack paid a partial ransom.

For our third story, we head over to the world of dating apps and discuss a vulnerability in Grindr. It’s been patched, but it...

Read more...
Life of the Kaspersky Lab
0
Malware delivery through UEFI bootkit with MosaicRegressor

Malware delivery through UEFI bootkit with MosaicRegressor

Recently, our researchers uncovered a sophisticated targeted attack aimed at diplomatic institutions and NGOs in Asia, Europe, and Africa. As far as we can determine, all of the victims were connected to North Korea in one way or another, whether through nonprofit activity or diplomatic ties.

The attackers used a sophisticated modular cyberspy framework that our researchers call MosaicRegressor. Our investigation revealed that in some cases the malware entered victims’ computers through modified UEFIs, an extremely rare occurrence in the wild. However, in most cases, the attackers used spear-phishing, a more traditional...

Read more...
Life of the Kaspersky Lab
0
The Pied Piper of Hamelin and cyberweapons

The Pied Piper of Hamelin and cyberweapons

Contrary to popular opinion, fairy tales and folk legends were not invented as entertainment, but to teach children (and adults) important lessons in an easy-to-understand form. Since time immemorial, storytellers have woven cybersecurity tips into their tales, hoping to make the Internet (which they foresaw) a safer place. For example, the story of Little Red Riding Hood is a warning about MitM-type attacks, and Snow White foreshadows government-sponsored APT campaigns. The list goes on.

Unfortunately, humankind continues to repeat the same mistakes with manic persistence, ignoring the obvious lessons of fairy tales. Another striking example of...

Read more...
Life of the Kaspersky Lab
0
How to create a Google child account

How to create a Google child account

Kids’ mobile phones are no longer just expensive toys. Phones help parents keep in touch, and kids to learn and develop in step with the times.

You’ve already read up on the pros and cons of kids having smartphones (as well as how to choose the right device). However, buying a phone for your child (or repurposing your old one) is only half the battle. The gadget needs to be configured properly, and that’s something you should do for yourself.

First, you will need to create an account for your child. On an Android device, it has to be a Google account, without which your kid cannot make full use of the phone. Here’s how.

Create a Google account on your...
Read more...
Life of the Kaspersky Lab
0
Safe cryptotrading 101

Safe cryptotrading 101

Ten years after the emergence of the first Bitcoin exchange, cryptocurrency landscape still resembles the Wild West. For some, one good decision can reap profits of several hundred percent while others can lose everything in a single day. How can you protect your initial capital against exchange rate fluctuations, and your profit against fraudsters?

How to choose a cryptocurrency and minimize the risks

The first step is deciding which cryptocurrency you want to invest in. There are no hard-and-fast rules here; almost any token can soar one day and collapse the next. A novice cryptoinvestor needs a lot of luck to anticipate these movements. That said, you can take a...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 164

Transatlantic Cable podcast, episode 164

For this week’s episode of the Transatlantic Cable podcast, Jeff and I look at a growing concern in the States: the US general election.

The story, from the BBC, covers big-tech companies’ attempts to avoid a confrontation between the two major parties in the upcoming election. Big tech has real concerns that fake news — along with a growing divide among voters — could cause real-world problems.

From there, it’s yet another ransomware attack on a hospital chain in America, this time affecting 400 hospitals. Many staff members turned to using pen and paper, having lost access to online hospital records.

We then chat with Denis Legezo from the...

Read more...
Life of the Kaspersky Lab
0
Cybersecurity economics

Cybersecurity economics

This is hardly the first year full of cybersecurity impact and focus, but 2020 has been a big one. Companies have had to develop and implement new practices, new technologies, and new approaches — and fast. One focus of this year’s Kaspersky Global Corporate IT Security Risks Survey is how cybersecurity has influenced budgets and risk assessments.

For the survey, they interviewed 5,266 respondents across 31 countries about the state of IT security in their companies, the threats they face, and the post-attack costs they incurred.

Regrettably, large enterprise-level companies had cut cybersecurity spending from an average of $18.9 million last year to $14 million...

Read more...
Life of the Kaspersky Lab
0
Trusted industrial data is the future of industry

Trusted industrial data is the future of industry

For a change, we’re not going to talk about information security today. Instead, this is about industrial data analysis at the Chelyabinsk Pipe Rolling Plant (ChelPipe). Out of the blue? Not really. It’s actually another area of application for our innovations, and it goes by the name “trusted industrial data.”

Raw industrial data

Large enterprises operate thousands of lathes, turbines, furnaces, and other machinery, each with sensors that monitor processes second by second. Did you ever wonder how much data all that industrial equipment generates?

Our experts did, and they found 1,500 signal sources per automated process control system...

Read more...
Life of the Kaspersky Lab
0
Facebook grant scams

Facebook grant scams

Facebook is offering $100 million in cash grants to businesses affected by the coronavirus pandemic. Eligible applicants can receive a grant worth about $3,300, announced the company’s official blog, and, picked up by major media outlets, the news quickly spread. Unsurprisingly, cybercriminals wasted no time hatching schemes to exploit this largesse.

Knowing many had heard about the grants but banking on few having absorbed the details, cybercriminals presented the news as if Facebook was handing out money to all users of the social network affected by COVID-19.

The bait

Potential victims see an article seemingly from CNBC, a world leader in business news with a...

Read more...
Life of the Kaspersky Lab
0
How cybercriminals launder money stolen from banks

How cybercriminals launder money stolen from banks

For some cybercriminal groups, attacks on banks and other financial institutions are like an assembly line. Many people know tracing stolen funds is usually impossible, but not everyone knows why. A joint report by BAE Systems and researchers from the payment system SWIFT details how cybercriminals launder stolen money.

Money source and destination

There are two bank attack scenarios — against infrastructure and accounts, or against ATMs and related systems. The various schemes for extracting and then laundering money all differ slightly, but the essence and goal are the same: to put criminally derived funds back into the legitimate...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 163

Transatlantic Cable podcast, episode 163

Dave and I kick off this episode of the Transatlantic Cable podcast with one of our favorite topics: Facebook.

In this tale, the Silicon Valley titan is locked in a battle with Ireland’s Data Protection Commission about sharing European data with US servers. Facebook has threatened to pull out of the region entirely. Let’s hope we have enough popcorn to watch this one play out.

From there, it’s a sad story out of Germany. Over the past week, we followed the story of a patient who died after having to be redirected from a hospital because it was hit with ransomware.

From there, we take a few minutes to review the new documentary The Social Dilemma....

Read more...
Life of the Kaspersky Lab
0