Exploit This

Security News, Exploits, and Vulnerabilities.

Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

This time of year is an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more.

Investigation Report for the September 2014 Equation malware detection incident in the US

In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others

R.I.P. root9B, We Hardly Knew Ya!

root9B, a company that many in the security industry considered little more than a big-name startup aimed at cashing in on the stock market’s insatiable appetite for cybersecurity firms, surprised no one this week when it announced it was ceasing operations at the end of the year.

Founded in 2011, Colorado Springs, Colo. based root9B Technologies touted itself as an IT security training firm staffed by an impressive list of ex-military leaders with many years of cybersecurity experience at the Department of Defense and National Security Agency (NSA). As it began to attract more attention from investors, root9B’s focus shifted to helping organizations hunt for cyber intruders within their networks.

Threat Predictions for Cryptocurrencies in 2018

In 2017, the main global threat to users was ransomware: and in order to recover files and data encrypted by attackers, victims were required to pay a ransom in cryptocurrency. In the first eight months of 2017, Kaspersky Lab products protected 1.65 million users from malicious cryptocurrency miners, and by the end of the year we expect this number to exceed two million.

Threat Predictions for Financial Services and Fraud in 2018

2018 will be a year of innovation in financial services as the pace of change in this space continues to accelerate. As more channels and new financial service offerings emerge, threats will diversify. Financial services will need to focus on omni-channel fraud prevention to successfully identify more fraud crossing from online accounts to newer channels.

Threat Predictions for Connected Health in 2018

In 2017, Kaspersky Lab research revealed the extent to which medical information and patient data stored within the connected healthcare infrastructure is left unprotected and accessible online for any motivated cybercriminal to discover. This risk is heightened because cyber-villains increasingly understand the value of health information, its ready availability, and the willingness of medical facilities to pay to get it back.

Threat Predictions for Automotive in 2018

Remote fault diagnostics, telematics and connected infotainment significantly enhance driver safety and enjoyment, but they also present new challenges for the automotive sector as they turn vehicles into prime targets for cyberattack. The growing risk of a vehicle’s systems being infiltrated or having its safety, privacy and financial elements violated, requires manufacturers to understand and apply IT security.

Kaspersky Security Bulletin: Threat Predictions for 2018

Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe.

Threat Predictions for Industrial Security in 2018

2017 was one of the most intense in terms of incidents affecting the information security of industrial systems. Security researchers discovered and reported hundreds of new vulnerabilities, warned of new threat vectors in ICS and technological processes, provided data on accidental infections of industrial systems and detected targeted attacks.

Adobe, Microsoft Patch Critical Cracks

It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday) — and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft’s 11 patch bundles fix more than four-dozen security holes in various Windows versions and Office products — including at least four serious flaws that were publicly disclosed prior to today. Meanwhile, Adobe’s got security updates available for a slew of titles, including Flash Player, Photoshop, Reader and Shockwave.

%d bloggers like this: