Secure List feed for B2B
Blog: Winnti FAQ. More than just a game
Thu, 04/11/2013 - 09:21
Today Kaspersky Lab's team of experts published a detailed research report that analyzes a sustained cyberespionage campaign conducted by the cybercriminal organization known as Winnti.
Analysis: Winnti. More than just a game
Thu, 04/11/2013 - 09:00
The study shed light on the activities of a group that has persistently targeted online gaming companies for several years.
Analysis: Winnti 1.0 technical analysis
Thu, 04/11/2013 - 08:28
The attackers' favorite tool has been a malicious program we called "Winnti". It has evolved since its first use, but we divide all variants into two generations: 1.x and 2.x. Our publication describes the 1.0 variant of this tool.
Blog: Microsoft Updates April 2013 - 3 Critical Vulnerabilities
Tue, 04/09/2013 - 14:23
Microsoft released two Bulletins this month patching 3 critical vulnerabilities. Along with these immediate issues, they released five others rated "Important". It appears that the two Bulletins address use-after-free vulnerabilities that can all be attacked through Internet Explorer.
Blog: Absent-minded spammers
Tue, 04/09/2013 - 09:42
Blog: Skypemageddon by bitcoining
Thu, 04/04/2013 - 15:28
Cybercriminals mine Bitcoins by abusing victims' CPUs after infecting users via Skype
Blog: An avalanche in Skype
Thu, 04/04/2013 - 10:40
A new, very active malicious campaign in Skype with almost 3 clicks (potential infections) per second
Blog: The Biggest DDoS Ever that "Almost Broke the Internet"?
Sat, 03/30/2013 - 00:25
"If the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why."
Blog: Military Hardware and Men's Health
Fri, 03/29/2013 - 08:40
Over the last few months we have seen a series of very similar targeted attacks being blocked in our Linux Mail Security Product.
Blog: Android Trojan Found in Targeted Attack
Tue, 03/26/2013 - 08:14
In the past, we've seen targeted attacks against Tibetan and Uyghur activists on Windows and Mac OS X platforms. We've documented several interesting attacks which used ZIP files as well as DOC, XLS and PDF documents rigged with exploits.
Several days ago, the e-mail account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates. Perhaps the most interesting part is that the attack e-mails had an APK attachment - a malicious program for Android.
Analysis: Spam in February 2013
Thu, 03/21/2013 - 08:00
The percentage of spam in email traffic was up 12.8 percentage points compared with January and averaged 71.1%.
Blog: The TeamSpy Crew Attacks - Abusing TeamViewer for Cyberespionage
Wed, 03/20/2013 - 13:23
Earlier today, the Laboratory of Cryptography and System Security (CrySyS Lab), together with the Hungarian National Security Authority (NBF), published details on a high profile targeted attack against Hungary. The details about the exact targets are not known and the incident remains classified.
Considering the high level classification of the attack, Kaspersky Lab's Global Research & Analysis Team performed a detailed technical analysis of the campaign and related malware samples.
You can read our short FAQ below and you can download our technical analysis paper linked at the end of the blogpost.
Blog: South Korean 'Whois Team' attacks
Wed, 03/20/2013 - 08:09
Earlier today, reports of a number of cyberattacks against various South Korean targets hit the news (see http://www.nknews.org/2013/03/south-korean-banks-broadcasters-paralyzed-by-cyber-attack/).
The attackers, going by the handle "Whois Team", left a number of messages during the defacements.
Blog: The end of MSN Messenger, the beginning of attacks
Tue, 03/19/2013 - 07:27
Attacks have already started using the end of MSN Messenger to infect users
Blog: Hello from Malaysia
Fri, 03/15/2013 - 10:48
Blog: Highlights from BlackHat Europe 2013 in Amsterdam
Fri, 03/15/2013 - 10:41
Every year as Europe wakes up from the cold winter to the warm days of spring, BlackHat traditionally descends on Amsterdam. This year's conference is taking place on March 14-15 at the NH Grand Hotel Krasnapolsky, right on Dam Square, the heart of Amsterdam. As spring doesn't necessarily equal warm days here in Europe right now, the 500 or so BlackHat participants hit the conference rooms to attend quite a few interesting talks. Here's a summary of the best talks at BlackHat Europe 2013.
Blog: Reminder: be careful opening invoices on the 21st March
Thu, 03/14/2013 - 11:23
On March 4th we spotted a large number of unusual emails being blocked by our Linux Mail Security product.
Blog: New Uyghur and Tibetan Themed Attacks Using PDF Exploits
Thu, 03/14/2013 - 06:55
On Feb 12th 2013, FireEye announced the discovery of an Adobe Reader 0-day exploit which is used to drop a previously unknown, advanced piece of malware. We called this new malware "ItaDuke" because it reminded us of Duqu and because of the ancient Italian comments in the shellcode copied from Dante Alighieri's "Divine Comedy".
Previously, we posted about another campaign hitting Governments and other institutions, named Miniduke, which was also using the same 'Divine Comedy' PDF exploits.
In the meantime, we've come by other attacks which piggyback on the same high level exploit code, only this time the targets are different: Uyghur activists.
Together with our partner at AlienVault Labs, we analyzed these new exploits.
Blog: March 2013 Microsoft Security Bulletins - Low Impact from Pwn2Own, Watch USB Drives for Another Stuxnet
Tue, 03/12/2013 - 13:13
Microsoft releases nine March Security Bulletins. Four of the Bulletins are rated critical, but of the 20 vulnerabilities being patched, 12 are rated critical and enable remote code execution and elevation of privilege. Microsoft software being patched with critical priority include Internet Explorer, Silverlight, Visio Viewer, and SharePoint. So, pretty much every consumer running Windows, and lots of Microsoft shops, should be diligently patching systems today.

