Exploit This

Security News, Exploits, and Vulnerabilities.

Remotely controlled EV home chargers – the threats and vulnerabilities

There are lots of home charger vendors. Some of them, such as ABB or GE, are well-known brands, but some smaller companies have to add ‘bells and whistles’ to their products to attract customers. One of the most obvious and popular options in this respect is remote control of the charging process. But from our point of view this sort of improvement can make chargers an easy target for a variety of attacks.

Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)

In October 2018, our AEP systems detected an attempt to exploit a vulnerability in the Microsoft Windows. Further analysis led us to uncover a zero-day vulnerability in ntoskrnl.exe.

DarkVishnya: Banks attacked through direct connection to local network

In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company’s local network.

APT review of the year

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on.

KoffeyMaker: notebook vs. ATM

Kaspersky Lab’ experts investigated one such toolkit, dubbed KoffeyMaker, in 2017-2018, when a number of Eastern European banks turned to us for assistance after their ATMs were quickly and almost freely raided. It soon became clear that we were dealing with a black box attack.

Kaspersky Security Bulletin 2018. Statistics

During the year, Kaspersky Lab solutions repelled 1 876 998 691 attacks launched from online resources located all over the world, 554 159 621 21 643 946 unique malicious objects were detected and unique URLs were recognized as malicious by web antivirus components.

AA18-337A: SamSam Ransomware

Original release date: December 03, 2018
Summary
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity a…

Kaspersky Security Bulletin 2018. Top security stories

All too often, both rely on manipulating human psychology as a way of compromising entire systems or individual computers. Increasingly, the devices targeted also include those that we don’t consider to be computers – from children’s toys to security cameras. Here is our annual round-up of major incidents and key trends from 2018

First Annual Cyberwarcon

Cyberwarcon is a brand new event organized yesterday in Arlington, Virginia, and delivered eight hours of fantastic content. “CyberwarCon is a one-day conference in the Washington D.C. area focused on the specter of destruction, disruption, and malicious influence on our… Read Full Article

Kaspersky Security Bulletin 2018. Story of the year: miners

Year 2018 began with a rise in the number of miner-related attacks. However, after a drop in the value of the main cryptocurrencies, which lasted from January to February, infection activity noticeably declined. General interest in cryptocurrencies also waned. Yet the threat is still current.

%d bloggers like this: