Life of the Kaspersky Lab
Interesting news and useful information about KL life and products
Members
3346
Category
Entertainment
Transatlantic Cable podcast, episode 162

Transatlantic Cable podcast, episode 162

For the 162nd edition of the Transatlantic Cable podcast, Dave and Jeff take a break from the mike to welcome a special feature from our friends over at Tomorrow Unlocked. In this episode, Kaspersky security expert David Jacoby looks at the digitization of schooling for parents and educators during the COVID-19 global pandemic.

Digitization is transforming all facets of society, not just work environments. The pandemic is driving digitization at an astonishing speed, showing that there is still a lot more to be done. The field of education is mainly reactive; other industries develop new disruptive technologies that existing educational cultures...

Read more...
Life of the Kaspersky Lab
0
Home network monitoring with Kaspersky Security Cloud

Home network monitoring with Kaspersky Security Cloud

Getting connected has never been so easy. In the not-so-distant past, you might’ve needed technical certification to get a home Wi-Fi network up and running, but that hasn’t been the case for quite a few years. These days, home networking is practically plug-and-play.

Note that we haven’t mentioned security anywhere yet. Of course, any reader of this blog knows that’s a trap. The challenge of home and external networking is to get connected reliably and safely.

When it comes to home networking, we really don’t recommend skipping the few steps needed to get and stay connected in a safe, secure way. That means changing the default...

Read more...
Life of the Kaspersky Lab
0
Schrödinger’s kittens: How TikTok can help educate your kids

Schrödinger’s kittens: How TikTok can help educate your kids

At first glance, TikTok, the fun and fresh social media platform doesn’t seem to offer much beyond addictive dance videos and risky challenges, but TikTok does host educational content as well, with more added every day. You just need to know how to find it.

The search for knowledge — on TikTok?

Social media feeds don’t come together randomly; they’re based on users’ interests. If you keep liking funny cat videos, more of them will appear in your recommendations. It’s that simple.

You can find more practical kinds of content on TikTok, however. For example, teachers from early childhood to higher education, scientists of all...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 161

Transatlantic Cable podcast, episode 161

Episode 161 of the Kaspersky podcast kicks off with something that should have been left in the past: Zoom-bombing. Turns out it’s still very much a nuisance and is now being used to attack schools and lessons.

From there, Dave and Jeff look at how “three middle-aged Dutch hackers” managed to break into Donald Trump’s Twitter account back in 2016 (credential stuffing and poor password management). They’ve since handed details over to the relevant US authorities. Moving on, the pair looks at how Portland, Oregon, is trying to take on facial recognition by banning its use in both private and public institutions. To wrap up, they look at an...

Read more...
Life of the Kaspersky Lab
0
Survey on industrial cybersecurity in 2020

Survey on industrial cybersecurity in 2020

Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.
Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.

You can’t blame them for being cautious. Industrial enterprises, for which downtime can mean damage in the millions of dollars, are tempting targets for cybercriminals of all stripes. Ransomware operators are...

Read more...
Life of the Kaspersky Lab
0
Zerologon vulnerability threatens domain controllers

Zerologon vulnerability threatens domain controllers

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472. The Netlogon protocol vulnerability was assigned a “critical” severity level (its CVSS score was the maximum, 10.0). That it might pose a threat was never in doubt, but the other day, Secura researcher Tom Tervoort (who discovered it) published a detailed report explaining why the vulnerability, known as Zerologon, is so dangerous and how it can be used to hijack a domain controller.

What is Zerologon all about?

Essentially, CVE-2020-1472 is a result of a flaw in the Netlogon Remote Protocol cryptographic authentication scheme. The protocol...

Read more...
Life of the Kaspersky Lab
0
A modern take on the movie Hackers

A modern take on the movie Hackers

Several common misconceptions hinder the widespread adoption of cybersecurity culture. One myth — hackers are really smart, so it’s pointless to fight them —was popularized in particular by the movie Hackers, released exactly a quarter of a century ago. The movie gave rise to a set of clichés still employed by the film industry.

Indeed, the movie’s misfit heroes and their adversary, Plague, an infosec expert at Ellingson Mineral, are portrayed as highly intelligent geeks able to find and exploit vulnerabilities in any information system.

For example, the main character is equally at ease breaking into a school database and a cable operator’s network....

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 160

Transatlantic Cable podcast, episode 160

We interrupt our regular Kaspersky Transatlantic Cable podcast programming for a look at a new documentary about the Kuril Islands.

The documentary, From Kurils with Love, is a new project from Kaspersky’s Tomorrow Unlocked that takes a look at the Kuril Islands. Check out the trailer here:

For this podcast, I sat down with my coworkers Alejandro Arango and Povel Torudd, who were on the expedition and were involved in the production of the documentary. During our 35-plus-minute conversation, we touched on everything from where the Kuril Islands are, and why they are important, to life on a boat with strangers, and what’s next for Kaspersky. For...

Read more...
Life of the Kaspersky Lab
0
What end-to-end encryption is, and why you need it

What end-to-end encryption is, and why you need it

In recent years, communications services ranging from WhatsApp to Zoom have announced their implementation of end-to-end encryption. What does that mean? Well, the idea of encryption is pretty straightforward: It turns data into something that cannot be read. But what does end-to-end mean? What are its pros and cons? Without getting into the underlying math and technical terms, we’ll explain it as simply as we can.

What end-to-end encryption is — and its alternatives

End-to-end encryption is the act of applying encryption to messages on one device such that only the device to which it is sent can decrypt it. The message travels all the...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 159

Transatlantic Cable podcast, episode 159

It is 2020, and an election year in the US, so Dave and I kick off this week’s Kaspersky Transatlantic Cable podcast by looking at Russian troll farms.

In this story, the FBI tipped off Facebook, which in turn took down a number of accounts tied to the Internet Research Agency. That may have stopped the accounts before the disinformation spice could flow. Staying in the land of fakeness, we jump from news to Amazon reviews. This deep dive from the media exposed some interesting things about product reviews on the e-commerce giant — in the UK, at least.

Our third story stays on the topic of things that aren’t real. Unlike politics and reviews, this...

Read more...
Life of the Kaspersky Lab
0
How invulnerable is Linux?

How invulnerable is Linux?

Linux is malware-free — or so many believed for many years. The delusion arose from three bases. First, Linux was a niche system, used far less commonly than Windows. Second, it was used mainly by IT pros, who are savvier than the average user. And third, given the specifics of the system architecture, malware would have to obtain root permissions somehow to cause damage, greatly complicating attacks.

However, times change, and nowadays, Linux-based systems are catching up with Windows in some areas, having long overtaken it in others. What’s more, many developers are trying to make their systems more end-user friendly by providing graphical shells and tools...

Read more...
Life of the Kaspersky Lab
0
Bomb threat spam

Bomb threat spam

In late August, our mail traps started picking up some unusual blackmail messages. In them, cybercriminals claim to have planted a tetryl-charged bomb somewhere in the recipient’s office and say it will be detonated unless a ransom is paid or if police activity is observed near the building.

In reality, of course, there is no bomb — it’s an empty threat mailed indiscriminately to companies of all sizes. Cybercriminals count on scaring the victim into a knee-jerk response, because with time to think, they will realize that paying ransom solves nothing — if there is a bomb in the building, it’s not going anywhere.

T9jS0trM-K4FvdwaF-YZ89NyIuu4_evX.png?s=d35e053b7b42ddb4a7ed316c0e6420cc

In terms of structure and delivery method, this type of...

Read more...
Life of the Kaspersky Lab
0
The tracking pixel in service of cybercrime

The tracking pixel in service of cybercrime

Attackers tend to do painstaking groundwork to engineer business e-mail compromise attacks (BECs). When they pose as someone authorized to transfer funds or send confidential information, their messages need to look as close to legitimate as possible. Details matter.

We recently got our hands on an interesting example of an e-mail sent to a company employee in an attempt to start a conversation.

Nu5XJ8kA4tnpp3mXd0lUaUyWmYc6rEEI.jpg?s=530d3d3cb70c02cba4fece1cfd103b3a

The text is fairly cut and dried for the type of e-mail in question. The attacker makes it clear that the sender is in a meeting, so not available by other means of communication. They do that to discourage the recipient from checking if they are...

Read more...
Life of the Kaspersky Lab
0
Cybersecurity – the new dimension of automotive quality

Cybersecurity – the new dimension of automotive quality

Quite a lot of folks seem to think that the automobile of the 21st century is a mechanical device. Sure, it has added electronics for this and that, some more than others, but still, at the end of the day – it’s a work of mechanical engineering: chassis, engine, wheels, steering wheel, pedals… The electronics – ‘computers’ even – merely help all the mechanical stuff out. They must do – after all, dashboards these days are a sea of digital displays, with hardly any analog dials to be seen.

Well, let me tell you straight: it ain’t so!

A car today is basically a specialized computer – a ‘cyber-brain’, controlling the...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 158

Transatlantic Cable podcast, episode 158

Dave and I kick off the 158th edition of the Kaspersky Transatlantic Cable podcast by looking at some malware that is now on — gasp — Macs.

In a new post, Patrick Wardle talks about how Shlayer malware was actually approved by Apple. So much for Macs not getting viruses. From there, we move to a story that was practically made for a TV or Netflix movie. The tale looks at espionage and how the FBI and Tesla halted a cyberattack.

Our third story heads to the gaming sector and the illicit marketplace for Fortnite accounts. After that, we discuss a vulnerability in Slack. To close out the podcast, we look at an advisory from the FBI about older daters...

Read more...
Life of the Kaspersky Lab
0
Thin clients from a security perspective

Thin clients from a security perspective

The year 2020, with its pandemic and forced self-isolation, has raised a number of fundamentally new questions for businesses. One — has any company ever had to calculate depreciation for employees’ use of home chairs, monitors, and desks before? — has become quite relevant. The greatest burden has fallen on the IT and security departments. The former had little warning they’d have to provide staff with a remote workplace environment, and the latter needed urgently to develop new information security strategies for a world in which the security perimeter is everywhere.

Pessimists predicted the collapse of IT, but that did not happen; for the most...

Read more...
Life of the Kaspersky Lab
0
The Catcher in the YARA — predicting black swans

The Catcher in the YARA — predicting black swans

It’s been a long, long time since humanity has had a year like this one. I don’t think I’ve ever known a year with such a high concentration of black swans of various types and forms. And I don’t mean the kind with feathers. I’m talking about unexpected events with far-reaching consequences, as per the theory of Nassim Nicholas Taleb, published in 2007 in his book The Black Swan: The Impact of the Highly Improbable. One of the main tenets of the theory is that, with hindsight, surprising events that have already occurred seem obvious and predictable; however, before they occur, no one predicts them.

Example: this ghastly virus that’s had...

Read more...
Life of the Kaspersky Lab
0
Education online: Advice for teachers

Education online: Advice for teachers

Nobody planned for the current situation, but because of COVID-19, all types of education, all around the world, whether K–12, university, or continuing professional education, have at least partially moved learning to the Internet. With summer breaks coming to an end, the issue of how online learning can be conducted as conveniently, effectively, and safely as possible for both students and teachers is once again top of mind.

In this post, we present 10 pieces of advice that will help teachers make the most of online learning. However, we think students will find these tips useful as well —at least they’ll be on the same page as their teachers.

1....
Read more...
Life of the Kaspersky Lab
0
Security lesson for an Instagram star (and everyone else)

Security lesson for an Instagram star (and everyone else)

“Why would someone hack me, when there is nothing to gain from it?” Does that thought sound familiar? Now, picture this: You have become an Instagram star with thousands of followers and a degree of social capital, not to mention sponsors and advertisers bombarding you with direct messages. But old habits die hard, and your account security is still on the why-would-someone-hack-me level.

That’s where presenter, DJ, and influencer Ashley James found herself, and she admits that she has one password for all of her accounts. In a recent live broadcast, Ashley together with security guru David Jacoby of our GReAT team looked into...

Read more...
Life of the Kaspersky Lab
0
How to launch malicious macros unnoticed on macOS

How to launch malicious macros unnoticed on macOS

Many macOS computer users are still confident that their machines do not need protection. Worse, system administrators at companies where employees work on Apple hardware often hold the same opinion.

At the Black Hat USA 2020 conference, researcher Patrick Wardle tried to disabuse the audience of this misconception by presenting his analysis of malware for macOS and building an exploit chain to take control of an Apple computer.

Microsoft, macros, and Macs

One of the most common ways of attacking computers running macOS is through documents with malicious macros — that is, through Microsoft Office applications. Indeed, despite the...

Read more...
Life of the Kaspersky Lab
0
Transatlantic Cable podcast, episode 157

Transatlantic Cable podcast, episode 157

For the 157th episode of the Kaspersky Transatlantic Cable podcast, Dave and I jump back and forth over the Atlantic for some fun and interesting stories.

We start off looking at some charges the former CSO of Uber is facing. According to the allegations, hush money was paid. There may also have been some lying to investigators and suppression of evidence.

We stay in the States for the next story, about the University of Utah paying cybercriminals nearly half a million dollars because of a ransomware attack.

Across the pond, the UK’s Home Office had a bit of a Passw0rd1 problem. You see, the agency displayed a flip chart in one of its office...

Read more...
Life of the Kaspersky Lab
0
How to find a free game while avoiding scams

How to find a free game while avoiding scams

Generally speaking, you shouldn’t download just any free stuff you find or open links that promise freebies. Something that seems to be free can still cost you, even if your good mood is the only price. Here, we share some tips about how to choose a game so that you will not be disappointed later.

Download games from trusted sources

More and more gaming platforms appear every year: Steam’s dominant market position has spurred Origin, uPlay, Epic Games Store, and others to try to develop their own offerings. And many indie developers want to sell games directly on their own sites to avoid paying sales commissions to stores. Therefore, some...

Read more...
Life of the Kaspersky Lab
0
SpiKey: Eavesdropping on keys

SpiKey: Eavesdropping on keys

A lock is reliable only insofar as it cannot be defeated by an intruder. Computer technology makes things easier, alas, including for those who hate doors they cannot open (and no, we are not talking about cats). Thanks to 3D printers, copying keys has become much easier. Of course, to print them, you need at least one decent image of the original.

Researchers in Singapore recently published a paper demonstrating SpiKey, a door lock attack that doesn’t require a picture. You simply use your smartphone to record the clicks of the key being inserted into the keyhole.

How the clicks reveal the key

The attack works on pin tumbler locks, the most common type in...

Read more...
Life of the Kaspersky Lab
0
The DeathStalker cyberspy group and its tool set

The DeathStalker cyberspy group and its tool set

Our experts have identified a cybercriminal group that specializes in stealing trade secrets. Judging by its targets so far, the group is interested mainly in attacking fintech companies, law firms, and financial advisors, although in at least one case, it also attacked a diplomatic entity.

Such a choice of targets may indicate that this group, code-named DeathStalker, is either looking for particular information to sell or offering an “attack on demand” service. In other words, the group is mercenary.

The DeathStalker group has been active since 2018 or earlier, and possibly since 2012. Its use of the Powersing implant is what first...

Read more...
Life of the Kaspersky Lab
0
How to trade in online games safely

How to trade in online games safely

Many gamers have turned in-game item trading into a robust source of income. Some sell items that they cannot use for their character class. Others are just looking to unload the wealth that they have acquired before quitting the game altogether.

Unfortunately, there are also scammers in the gaming community who use cunning schemes to leave honest gamers high and dry. You should keep in mind that some publishers, including Valve, have refused to return items to players that they voluntarily gave up to scammers.

Gamers must be prepared to look after their property themselves. In this article, we tell you how to preserve the fruits of your hard grind,...

Read more...
Life of the Kaspersky Lab
0