cyber-security How an ill-designed data access policy can interfere with cybersecurity A data access policy becomes an issue for any company as soon as it accumulates a considerable amount of valuable and sensitive data. That doesn’t mean the policy is always in place when it should be, or that it’s implemented properly.
Cybersecurity A hole in the fence: is there a “partial preparedness” to cyberthreats? Can a business be “partially” prepared to ward off cyberthreats? That’s up for debate, but it seems there is little difference between “partial protection” and no protection at all.
cybersercurity Pikes in the lake: new bugs to keep us awake Vulnerabilities vary. Some are considered critical, some – less problematic; their severity is determined by a few well-known factors such as ease of exploitability and popularity of software. But, no matter their differences they all require serious attention at a constant level, so that when the next Shellshock-like incident occurs, it won’t take cybersecurity world by surprise.
Heartbleed How a Linux bug may affect Windows-based infrastructure The recent developments with “big bugs” such as Heartbleed and Shellshock created a global security strain, with many questions emerging. Both bugs were open-source software-related, but indirectly they would constitute a threat to Windows-based infrastructure. In this post we review a few scenarios of an attack on mostly Windows-based network with Linux servers at certain points.
Advanced Persistent Threats A layman’s dictionary: What is APT and why is it called that? APT is a term often mentioned in cybersecurity bulletins. Here’s what you need to know to understand it.
it Allowlists and smooth workflow: do they contradict each other? IT workers routinely set up limited privileges for all users for security sake. However, the users are extremely suspicious about these sorts of limitations, assuming (sometimes reasonably) that it will affect the workflow. Is there a way to mitigate these contradictions?
atm Lock it up! ATMs are attacked with “software skimmers” Interpol just released an alert regarding cyber-attacks targeting multiple ATMs around the world. During the course of a forensic investigation performed by Kaspersky Lab, researchers discovered a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars.
Cybersecurity Why the discovery of “big” bugs is a good thing 2014 is making its way into Cybersecurity history books with two global-scale software bugs discovered over 6 months. They are obviously not the last ones, and it is actually a good thing.
Europe Fighting fire with fire: about the European launch of Kaspersky DDoS Protection Kaspersky Lab launches its solution Kaspersky DDoS Protection in Europe. A distributed network of data cleaning centers vs. distributed attacks.
cybercrime Bringing in the private expertise: INTERPOL and Kaspersky Lab extend cooperation Kaspersky Lab has signed a cooperation agreement with INTERPOL and a memorandum of understanding with Europol to extend the scope of collaboration between the company and the law enforcement agencies in their joint fight against cybercrime.
Linux Shellshock: how to check and update potentially vulnerable systems We’ve gathered information for patching the most common Linux distros against the notorious Shellshock Bash Bug. If you see we’ve missed something, please drop us a tip!
bashbug Bashbug/Shellshock: the day after It’s been a day since the BashBug aka Shellshock bug was disclosed. What real damage has been inflicted and who is most in danger?
Bash Bug When the Bug Bashes you A new nasty bug discovered in Bourne again shell set the infosec on fire, Heartbleed-style. Is it as dangerous as the notorious OpenSSL flaw? It depends…
attack So malware attacks against critical infrastructure are inevitable. What’s next? Critical infrastructure operators are often reluctant to deploy full-scale anti-malware protection. They are worried about compatibility, performance, compliance, and the most important thing: possible downtime. But our research shows that malware is the true enemy.
critical infrastructure Podcast: Adam Firestone on Critical Infrastructure, Government Security Brian Donohue interviews Adam Firestone, President and General Manager of Kaspersky Government Security Solutions, about why critical infrastructure systems are insecure, and why added on security does not work.
Apple New features in iOS 8 in light of BYOD and corporate security iOS-based devices have a large share in the enterprise, which assures a strong demand for BYOD-oriented security features. A number of them arrive in iOS 8.
mobile malware Things to know before you run malware on your smartphone This post is comprised of two topics: a Trojan Opfake.a, which made a lot of buzz earlier this months and analyzing mobile malware at home. The latter is quite possible, but requires protective measures.
Billington Cybersecurity Summit Businesses Should Strive to be Cyber-Resilient Cyber-resilience is the ability to sustain damage, but ultimately succeed. In order to be resilient, businesses need to have a plan. One organization is dealing with attacks today that another will deal with tomorrow. There are ways businesses can help each other become cyber-resilient.
financial services Virtualization security technologies: No need to fear The healthcare and financial services industries are among those especially reluctant to implement newer technologies, security included, and believe they have a good reason for that.
malware Where have all those malware epidemics gone? It’s been years since we’ve last heard of any large worm epidemics. Does it really mean that malware epidemics have gone away for good?
retail The biggest sources of stolen banking information: online retailers? Kaspersky Lab’s recent survey surprisingly found that e-commerce, online retailers and financial service providers are not just the biggest sources of stolen financial data, but also feel just a bit too lax about security. However, this has some severe implications.