You down with P2P? 10 tips to secure your mobile payment app

If you look at the figures, you cannot deny that the eCommerce industry is steadily growing. More and more people are doing their shopping online, not only for products and services geared toward the use of technologies and the Internet, but also for items previously only found in brick and mortar stores—groceries, clothing, and, of … [Read more…]

TLS 1.3 is nearly here

antispyware

TLS stands for “Transport Layer Security” and it’s rather important. Why’s that? Oh, I’m glad you asked. Here’s me, yelling my password across the office to you: “PASSWORD!!!” You heard me loud and clear, right? But so did basically anyone else nearby. Now let’s work in a little TLS love and attention, and yell again: … [Read more…]

The data breach epidemic: no info is safe

By now it’s obvious that data security technology and protocols haven’t kept pace with the needs of consumers. Even as more people trust their most sensitive personal information to online apps and services, databases are routinely exposed. In 2017 alone, we learned about massive data breaches from major organizations like Equifax, Uber, and Verizon. In … [Read more…]

Exploit kits: Winter 2018 review

In the past, we used to have a blog series on exploit kits where we would periodically check in on the main players in the market. In March 2017, we wrote the Winter 2017 review, before exploit kit activity dropped down to a whisper. We’ve since discontinued our blog series, for lack of developments. A … [Read more…]

Your new friend, KLara

While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data and automated malware classification to systems allowing researchers to pattern-match a large volume of data in a relatively short period of time. These tools are extremely useful when working on APT … [Read more…]

An in-depth malware analysis of QuantLoader

This guest post is written by Vishal Thakur, CSIRT/Salesforce. For more on Vishal, read his bio at the end of the blog. QuantLoader is a Trojan downloader that has been available for sale on underground forums for quite some time now. It has been used in campaigns serving a range of malware, including ransomware, Banking … [Read more…]

10 ways to protect your Android phone

antispyware

Android has been around for nearly a decade and has come a long way from its early wannabe iPhone days. New features, upgraded camera phones, a wide variety of apps and platforms, and polished interface design have led to a huge install base—a whopping 2 billion+ monthly active devices—making it the biggest mobile OS in the … [Read more…]

Encryption 101: Decryptor’s thought process

In the previous parts 1, 2 and 3 of this series, we covered the basics of encryption, walked through a live example of a ransomware in detail, and talked about encryption weaknesses. In this part of the encryption 101 series, we will begin wrapping it up by going into detail on a ransomware with weak … [Read more…]

Threat Landscape for Industrial Automation Systems in H2 2017

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its … [Read more…]

A week in security (March 19 – March 25)

antispyware

Last week, we looked at the growing problem of smartphone addiction, how link rot is continually slicing down portions of the web, and the theft of our intellectual property. We also explored the landscape of DDoS problems, and tackled a Stephen Hawking 419 scam. Other news What can only really be described as “Scamception” (source: … [Read more…]