Tag Archives: Kaspersky Labs

Security Never Sleeps- Chicago Voters, Maersk Attack

Personal data of 1.8 million Chicago voters accidentally exposed by vendor

“Roughly 1.8 million affected”

Almost 2 million Chicago voters had their phone numbers, addresses, and partial social security numbers left exposed on a cloud-storage website. The site was maintained by an Omaha election-services company, and the sensitive information was left vulnerable until a cybersecurity researcher discovered it earlier this week.

Ukraine central bank warns of new cyber-attack risk

“Bank warns lenders of new malware”

Today the Ukrainian central bank issued warnings to both private and state-owned lenders about the apparent emergence of a new malware program making its way through the internet. Ukrainian security forces say this program resembles the NotPetya attacks, which knocked out many global systems on June 27th as the malware spread rapidly through corporate networks of multinational firms and suppliers in Eastern Europe.

New Android malware that spreads via text can steal victims’ credit card details from other apps

“Even apps you trust might be unsafe”

Most of us have the good sense not to enter credit card details or other financial information into sketchy-looking apps or websites out of fear of theft, but hardly anyone would do a double take on apps like Amazon. Alas, even our favorite applications may not be a sanctuary for our sensitive information, as detailed in a recent blog post by security firm Kaspersky Labs. The blog claims that a new malware is able to quietly steal victims’ data when it is entered into applications, as well as spy remotely on texts and phone calls.

Cyberattack cost Maersk as much as $300 million and disrupted operations for 2 weeks

“Huge costs in goods transport”

A June attack that left shipping operations crippled worldwide, even briefly shutting down the Port of Los Angeles’ largest cargo terminal, has cost Danish shipping firm A.P. Moller Maersk between $200 and $300 million, as reported by the firm earlier this week. The unprecedented severity of the attack prompted workers to coordinate improvised communications via social media networks like Twitter, WhatsApp, and even post-it notes to get goods moving from ships to the shore again.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 199

Solar Panel Flaws Put Power Grids Security at Risk: Researcher

“Could allow widescale, lasting outages if hacked”

Researcher Willem Westerhof has identified several serious vulnerabilities in widely used solar power processes that he believes could trigger intense outages for thousands of people. Calling the potential scenario “Horus,” after the ancient Egyptian deity, Westerhof outlines how an attack on solar panel systems could cause billions in damages.

UK organisations could face huge fines for cyber security failures

“Fines of up to £17m in talks”

British organizations could be hit with fines amounting to 4% of global turnover if measures to ensure cybersecurity are not undertaken. Financial penalties, according to the proposals, are intended to be used only as a last resort and would not apply if the institutions can show that they assess and protect against risk adequately.

Three Hungarian banks targeted by phishing attempts: central bank

“No funds reported as lost”

Three major Hungarian banks have been the targets of phishing attempts in the last several months, with the earliest reports of attacks in the month of June. The National Bank of Hungary, the nation’s central bank, which oversees regulations for lending institutions and financial markets, has indicated that no funds have been lost but advises caution in future processes.

Top 5 tools to protect internet privacy

“Learn how to protect and monetize data here”

Years ago the big web search engines like Google, Bing, Yahoo, etc., began to harvest and monetize user web data. This resulted in a public outcry for security and protection services, birthing a new industry. Governments allowing ISPs to engage in the same practices has created an even bigger demand for these products. Check out the full article for the top 5 internet privacy tools.

Hackers hiding malware threats inside images, report says

“Steganography used to hide malicious code”

Kaspersky Labs is reporting that cybercriminals are using what has been called the equivalent of cyber steganography, the hiding of messages inside images, to conceal activities on a target’s computer. Researchers are seeing at least three large-scale operations employing this shifty technique as regular methodology, prompting developing security concerns.


10Fold- Security Never Sleeps- 189

Creepy ‘FruitFly’ Surveillance Malware Hits American Apple Macs

“Rare malware spread on Mac draws attention”

What appears to be a slice of malicious code that has been affecting Mac systems is being investigated by law enforcement agents as a targeted surveillance program. Ex-NSA analyst Patrick Wardle, now a researcher for Synack, has claimed that about 400 observable infections have occurred from the ‘FruitFly’ malware. Wardle further stated “I likely only saw a limited percentage of the total number of victims.”

Over 600 Malware Samples Linked to Chinese Cyberspy Group

“China-linked firms have used more than 600 malware samples”

A Chinese-linked espionage group, tracked by cyber security firms under names such as Lotus Blossom and Elise, has used hundreds of different malware programs in the last few years. Kaspersky Labs has released a report suggesting that this program could have been active since 2007. The state-sponsored threat group has mainly targeted military and government organizations in Southeast Asia.

Threat Hunters Analyze Trends in Destructive Cyber-Attacks

“Three primary trends noted”

The growing number of cyber-attacks share several common traits: they are generally state sponsored, they are increasing, and they usually use nothing more than basic tools. Cybereason, a Boston, MA-based threat hunting firm, has analyzed destructive cyber-attacks from the 1982 software-instigated explosion in a Siberian pipeline to the recent NotPetya and Industroyer attacks. Cybereason’s conclusions are not reassuring for industry.


“Increase of cybercrime increases the intensity”

Companies such as Pervade Software are exploring digital weapons that are intended to protect and recover their data. However, many experts are concerned that ‘vigilante’ tools like these may lead to hyper-active cyber attacks and damaging results for the internet.


10Fold- Security Never Sleeps- 178

Windows 10 Is Getting A Clever New Way To Fight Off Ransomware

“New ability added to Windows Defender”

The built-in Windows anti-malware application has been outfitted with a new protective mechanism. ‘Controlled Folder Access’ allows only recognized trustworthy devices and users to access the files that you activate the feature for.

Medicare data breach: Alan Tudge admits department unaware darknet vendor selling card details

“HS Minister concedes after investigation”

Alan Tudge, Australian Human Services Minister, now confirms that his department was blind to the fact that a secretive Darknet vendor had obtained and begun to sell Australian Medicare information on the web. The Guardian published an investigation Tuesday that revealed the operation, which had sold about 75 individuals’ records on an illegal product auctioning site. Mr. Tudge has addressed the breach in a recent statement:

Decrypting the Motivations Behind NotPetya/ExPetr/GoldenEye

“Who and Why still largely unknown”

The most recent malware attack to rock the Ukraine and others has seemed to leave more questions than answers. Reaching at least 60 countries, the malware is now even taking on different names. Some researchers have dubbed it Petya, due to its similarities with the Petya malware seen previously. However, others refute the relationship, leaving it categorized as NotPetya, GoldenEye, and more. Kaspersky Labs has found similarities with a modified version of Petya, and has settled on ExPetr.

Zero-Day Found in Humax WiFi Router

“Vulnerable routers easily compromised”

Security systems in the new HG-100R Humax WiFi router are apparently fragile enough to allow hackers remote access to sensitive information and administrative command control. Trustwave SpiderLabs researchers discovered the flaw in May, but repeated warnings to the manufacturer were allegedly met with silence.

Personal Details of 117,000 AA Shoppers Exposed

“15 million member organization criticized for security faults”

The Automobile Association is the target of massive criticism this week after news that a major data malfunction may have compromised the sensitive information of much of its membership base. A server misconfiguration exposed the data of at least 100,000 customers; however, the organization had downplayed the severity of the incident. The company posted the following message to customers on Monday:


10Fold- Security Never Sleeps- 177

More than half of major malware attack’s victims are industrial targets

“Petya intended effects examined”

Kaspersky Labs has released a new report with some grand insights into the Petya malware attack. Although it first appeared to be a widespread ransomware attack, it became clear later into the ordeal that the spread was intended more for destruction than for financial gain. Kaspersky reported specifically that financial sectors were the most affected, as well as manufacturing or oil mechanisms.

Hacking Factory Robot Arms for Sabotage, Fun & Profit

“Could open a new world of ‘Subtle Blackmail’”

A Black Hat talk will discuss how cybercriminals could manipulate robotic arms and create defects in vital products. Security researchers have been accumulating caches of big discoveries about IIoT vulnerabilities, and Black Hat is planning on continuing their release to raise awareness of critical flaws in infrastructure, power grids, and gas pipeline controls.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

“EU legislation lowdown” 

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could cost companies dearly. This article details what every company that does business in Europe needs to know about GDPR.

Online fraud costs public billions but is still not a police priority, says watchdog

“Policing institutions not enforcing rules effectively”

The National Audit Office has claimed that various policing and regulatory agencies were insufficiently addressing the issue of online fraud. The NAO says that for most police forces the incidents are “not yet a priority” and that the problem had been overlooked by government, law enforcement and industry.

10Fold- Security Never Sleeps- 176

Criminal Petya ‘ransomware’ starts to look like wiper malware

“Seemingly intended to wipe systems”

Suspected at first to be a ransomware attack, Petya, the latest cyberscare in the Ukraine, now seems to have been more of a targeted attack. Large firms such as FedEx, Cadbury, Maersk, and more were affected by the malware; however, more indicators point to the fact that the attack was not financially motivated but intended solely to destroy device memory.

Cyber security in industrial control systems poor, says Crest

“Lack of efficient standards to deter attacks”

Industrial control environments face serious infrastructure risk due to a lack of technical security testing. Crest has publicly pressed for an upgrade to the cyber security systems of ICS environments in response.

Bill Would Bar Pentagon From Business With Russian Cyber Firm Kaspersky

“Russian Cyber Security Firm would be blocked”

A segment of a new bill making its way through the United States Senate would halt any contracting Kaspersky Labs has with the U.S. Department of Defense. FBI agents visited the homes of many of the Russian-based security firm’s employees in the last week, indicating that congressional pressure may force the company out of one of its markets.

10Fold- Security Never Sleeps- 172

Average Global Cost of a Data Breach Now $3.6M, IBM Reports

“Cost of breaches surprisingly low”

The Ponemon Cost of Data Breach report has historically shown consistently increasing costs of attacks, but the IBM-sponsored 2017 edition has shown a deviation from the usual trend. Wendi Whitmore, global lead of IBM X-Force IRIS, told eWEEK: “Overall when you look at the report, the good news is that the overall cost of a data breach is down.”

IOT Malware Activity Already More Than Doubled 2016 Numbers

“Doubling of last year’s malware attacks already”

Honeypots formulated by Kaspersky Labs that mimicked IoT devices attracted over 7,200 malware samples over the course of May. These attacks were attempting to infect IoT connected devices primarily over telnet and SSH. This was a concerning rise, as only 3,200 samples were detected last year.

New report reveals how malware uses evasion to hide in plain sight

“Secrets hidden right in front of you”

The digital world seems to have been hiding malware in plain sight. In the McAfee Labs Quarterly Threat Report, researchers have found that simple evasion techniques are used to disguise and distribute malware.

TrickBot Targets Payment Processors, CRM Providers

“CRM systems also being targeted”

The TrickBot banking Trojan is no longer limiting its targets to financial institutions. Payment processing systems, such as CRM programs, are seeing their systems attacked, F5 has warned. Earlier this year TrickBot was spotted hitting firms across the world in largely financial markets; now researchers fear that the program has evolved its preferences again and will further expand its reach.

Cisco Releases Open Source Malware Signature Generator

“Talos intelligence group announces open source framework to track malware”

Cisco’s Talos research group announced Monday that its new tool, BASS, is capable of generating antivirus signatures from malware, essentially an automatic signature synthesizer. The framework creates unique signatures from malicious software that stems from the previously generated clusters. Cisco hopes that this tool will make malware analysis simpler and improve resource allocation.

10Fold- Security Never Sleeps- 152

Malware Allows Remote Administration of ATMs

“Software allows for ejection of cash”

Kaspersky Labs has recently revealed malware code that is capable of remotely gaining administration functions of ATMs. This was discovered after a Russian bank was targeted by cybercriminals, who used the malware to access several ATMs. The code was not deleted after the theft, however, leaving pieces for researchers to analyze and ascertain how the code was developed.

New RAT Uses Sites for Command and Control

“Well trafficked sites largely affected”

Talos researchers are now saying that popular and legitimate websites are being used by ‘ROKRAT’ for data exfiltration. Distributed via email, ROKRAT uses an HWP document to target victims in Korea. The phishing attacks feign legitimacy by faking a reputable sender’s email, such as the contact email of the Korea Global Forum in several instances.

How an IoT DDoS warning system helps predict cyberattacks

“Current defensive measures limited”

DDoS attacks are devastating for victims, preventing any traffic from reaching their website, yet require comparatively few resources from malicious actors. Preventive measures are currently in use by many sites, but are not always sufficient to protect small or medium-sized firms and other organizations.


10Fold- Security Never Sleeps- 144

Locked and Loaded: Huge Botnet Updated for DDoS

“Botnets equipped with new, far-reaching features”

BitSight Technologies, a division of Anubis Networks, has announced that one of the largest botnet systems has been armed with several new weapons that would allegedly dwarf any DDoS attack the public has witnessed so far.

Russian cybersecurity expert charged with treason

“Allegedly shared ‘secrets’ with U.S. firms”

Apparently Ruslan Stoyanov, a cybercrime investigator with Kaspersky Labs who was charged with treason by the Russian government, was arrested for passing secrets of state to several United States firms, including Verisign.

Remember when Ruslan Stoyanov, a top cybercrime investigator for Kaspersky Lab, was arrested and charged with treason? It is now being reported that the treason charges were for allegedly passing state secrets to Verisign and other US companies.

A Super-Common Crypto Tool Turns Out to Be Super-Insecure

“SHA-1 concerns no longer theoretical”

SHA-1 vulnerabilities that until recently seemed unlikely to be exploited are now demonstrably exposed to cybercriminals. A team of researchers from CWI Amsterdam and Google have both been successful in developing programs that are able to easily pull assets and other data from SHA-1 files.

More on Bluetooth Ingenico Overlay Skimmers

“Card and PIN skimmer stories increasing in frequency”

Ingenico-brand card readers at check-out lanes and other self-serve pay stations are receiving massive amounts of ‘overlay’ incidences. This article shares several photos detailing the devices from compromised terminals and provides more insight into how the system is so successful.
