Tag: kaspersky lab
-
VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America
A few years ago, I saw an ATM being opened for the first time. “Hold on,” I thought, “this is really just a Windows XP PC!” Suddenly, I realised that, to attack an ATM, cybercriminals wouldn’t need to write anything like Stuxnet-level malware. Indeed, ATM malware has been on the rise, particularly in Latin America,…
-
VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America
A few years ago, I saw an ATM being opened for the first time. “Hold on,” I thought, “this is really just a Windows XP PC!” Suddenly, I realised that, to attack an ATM, cybercriminals wouldn’t need to write anything like Stuxnet-level malware. Indeed, ATM malware has been on the rise, particularly in Latin America,…
-
VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users
Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched vulnerability CVE-2016-4117 in Abobe Flash Player . However, Microsoft wasn’t the first company to write about the PROMETHIUM group and the Truvasys malware it used. At VB2016 in Denver, Kaspersky…
-
VB2016 video: On the StrongPity waterhole attacks targeting Italian and Belgian encryption users
Last week, Microsoft published a paper on two attack groups, dubbed PROMETHIUM and NEODYMIUM, that targeted individuals in Europe and that both used the then unknown and unpatched vulnerability CVE-2016-4117 in Abobe Flash Player . However, Microsoft wasn’t the first company to write about the PROMETHIUM group and the Truvasys malware it used. At VB2016 in Denver, Kaspersky…
-
VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…
-
VB2016 paper: Wave your false flags! Deception tactics muddying attribution in targeted attacks
Security researchers have a complicated relationship with attribution. On the one hand, for technical analyses, it doesn’t matter whether an attack was performed by a Bear, a Panda or an Eagle, and whether it was Cozy or Fancy. But security research doesn’t exist in a void, and in an era where the overlap with geopolitics…
-
NSA, GCHQ found to target anti-virus products
Agencies looked for vulnerabilities to exploit and for submitted malware samples. New documents from NSA whistle-blower Edward Snowden have revealed the agency and its British counterpart GCHQ have actively been targeting anti-virus companies, The Intercept reports . The agencies have been found to be looking for weaknesses in anti-virus products and to have obtained intelligence…