Did you like this?
friends and colleagues.
The usa.kaspersky.com domain was attacked on Friday, February 6, 2009. The attack occurred when a SQL injection attack was launched on a subsection of the site, the support site. A vulnerability was in the code of the support site when a new version of the site was rolled out at the end of January. The attack was successful in penetrating the support site, but it was unable to take data from the site and as a result no data was compromised.
Upon notification of the vulnerability, company personnel took immediate action to address the issue, and the vulnerability was remediated within 30 minutes of notification. The attack was not able to access to any other portions of any other Kaspersky Lab sites – including ecommerce sites.
The company’s experts are currently investigating the incident and to go a step further have hired Next Generation Security Software’s David Litchfield to further investigate. Upon completion, the results of Litchfield’s report will be made public.
Kaspersky Lab recognizes the fact that this attack could have had much more serious ramifications and is doing an extra-thorough security audit of all official Kaspersky Lab sites and developing additional internal review processes to ensure the company’s corporate resources are protected from similar attacks in the future.
It should also be noted that Kaspersky Lab’s core competency as a company is developing anti-malware solutions and our research and development is a different group from our web developers, therefore the quality of the solutions we deliver has not been compromised in any way.
Related Press Releases Articles
Turning Security Intelligence into Protection: Kaspersky Lab Launches Anti Targeted Attack Platform and New Security Services
Turning Security Intelligence into Protection: Kaspersky Lab Launches Anti Targeted Attack Platform and New Security ServicesLearn more >
Kaspersky Lab Announces its Advanced Solution to Detect Targeted Attacks and a New Range of Security Intelligence Services
Kaspersky Lab Announces its Advanced Solution to Detect Targeted Attacks and a New Range of Security Intelligence ServicesLearn more >
Most consumers don't like to be tracked, but few are doing something about it - Beta NewsLearn more >