Kaspersky Antivirus Patch Archives

Survey on industrial cybersecurity in 2020

Survey on industrial cybersecurity in 2020

Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.
Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real.

You can’t blame them for being cautious. Industrial enterprises, for which downtime can mean damage in the millions of dollars, are tempting targets for cybercriminals of all stripes. Ransomware operators are...

Altai-2020: Chulyshman -> Katu-Yarik -> Bashkaus.

Altai-2020: Chulyshman -> Katu-Yarik -> Bashkaus.

In this post there’ll be a lot more photos than there are words. First up – photos of the route to Chulyshman ->

We got there in a small convoy of sturdy vehicles, supplied by the Altai-Guide tourist agency (which we helped with an expedition to Chukotka a while back; the stickers on the vehicles are those left over from then).

We turn into the Chulyshman valley…

The river was at low tide, but it was anything but calm ->

The views everywhere you look – oh my gracious!

The famed Chulyshman rapids:

Not that we’d be white-water rapid-riding here. This stretch is pro-level. Mere amateurs like us – who have a bit of a paddle once every...

Zerologon vulnerability threatens domain controllers

Zerologon vulnerability threatens domain controllers

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472. The Netlogon protocol vulnerability was assigned a “critical” severity level (its CVSS score was the maximum, 10.0). That it might pose a threat was never in doubt, but the other day, Secura researcher Tom Tervoort (who discovered it) published a detailed report explaining why the vulnerability, known as Zerologon, is so dangerous and how it can be used to hijack a domain controller.

Essentially, CVE-2020-1472 is a result of a flaw in the Netlogon Remote Protocol cryptographic authentication scheme. The protocol...

Ode to joy – on Lake Teletskoye.

Ode to joy – on Lake Teletskoye.

Lake Teletskoye fills you with rapturous joy. Its vastness, its fiord-like vistas, and of course Altai’s mysterious… vibes. Bit more info re these mysterious vibes, btw: They’re not only magically calming-soothing and encourage you to go full-on meditative “we’re-all-one, there’s-only-now”; for some reason they also… keep you from sleeping! I reckon it must be that the part of the brain that’s responsible for all the deep and philosophically pensive activity simply doesn’t permit the rest of brain any room to maneuver: it kinda just hogs all the resources, much like a very old computer antivirus ).

The lake was calm and even-surfaced when we were there,...

A modern take on the movie Hackers

A modern take on the movie Hackers

Several common misconceptions hinder the widespread adoption of cybersecurity culture. One myth — hackers are really smart, so it’s pointless to fight them —was popularized in particular by the movie Hackers, released exactly a quarter of a century ago. The movie gave rise to a set of clichés still employed by the film industry.

Indeed, the movie’s misfit heroes and their adversary, Plague, an infosec expert at Ellingson Mineral, are portrayed as highly intelligent geeks able to find and exploit vulnerabilities in any information system.

For example, the main character is equally at ease breaking into a school database and a cable operator’s network....

Oh my, oh my: 24 days in Altai!

Oh my, oh my: 24 days in Altai!

I think I’ve mentioned in passing recently – perhaps more than once – that I took my annual summer vacation this year in Altai. But it’s mid-September already – and still no Altai series of pics and tales? Eh? But don’t worry, it’s on its way – coming up soon. The thing is, there are soooo many photos this year, and so much video too that needs professional digital editing. Still, I am today able to at least give you my traditional taster, aka, starter course, aka aperitif, as a warm-up…

First, I can tell you – no, repeat to you, since I’ve been to Altai before, and even wrote a travelogue-book about the experience – that Altai is one of the most magically...

Transatlantic Cable podcast, episode 160

Transatlantic Cable podcast, episode 160

We interrupt our regular Kaspersky Transatlantic Cable podcast programming for a look at a new documentary about the Kuril Islands.

The documentary, From Kurils with Love, is a new project from Kaspersky’s Tomorrow Unlocked that takes a look at the Kuril Islands. Check out the trailer here:

For this podcast, I sat down with my coworkers Alejandro Arango and Povel Torudd, who were on the expedition and were involved in the production of the documentary. During our 35-plus-minute conversation, we touched on everything from where the Kuril Islands are, and why they are important, to life on a boat with strangers, and what’s next for Kaspersky. For...

What end-to-end encryption is, and why you need it

What end-to-end encryption is, and why you need it

In recent years, communications services ranging from WhatsApp to Zoom have announced their implementation of end-to-end encryption. What does that mean? Well, the idea of encryption is pretty straightforward: It turns data into something that cannot be read. But what does end-to-end mean? What are its pros and cons? Without getting into the underlying math and technical terms, we’ll explain it as simply as we can.

End-to-end encryption is the act of applying encryption to messages on one device such that only the device to which it is sent can decrypt it. The message travels all the...

Transatlantic Cable podcast, episode 159

Transatlantic Cable podcast, episode 159

It is 2020, and an election year in the US, so Dave and I kick off this week’s Kaspersky Transatlantic Cable podcast by looking at Russian troll farms.

In this story, the FBI tipped off Facebook, which in turn took down a number of accounts tied to the Internet Research Agency. That may have stopped the accounts before the disinformation spice could flow. Staying in the land of fakeness, we jump from news to Amazon reviews. This deep dive from the media exposed some interesting things about product reviews on the e-commerce giant — in the UK, at least.

Our third story stays on the topic of things that aren’t real. Unlike politics and reviews, this...

How invulnerable is Linux?

How invulnerable is Linux?

Linux is malware-free — or so many believed for many years. The delusion arose from three bases. First, Linux was a niche system, used far less commonly than Windows. Second, it was used mainly by IT pros, who are savvier than the average user. And third, given the specifics of the system architecture, malware would have to obtain root permissions somehow to cause damage, greatly complicating attacks.

However, times change, and nowadays, Linux-based systems are catching up with Windows in some areas, having long overtaken it in others. What’s more, many developers are trying to make their systems more end-user friendly by providing graphical shells and tools...

Bomb threat spam

Bomb threat spam

In late August, our mail traps started picking up some unusual blackmail messages. In them, cybercriminals claim to have planted a tetryl-charged bomb somewhere in the recipient’s office and say it will be detonated unless a ransom is paid or if police activity is observed near the building.

In reality, of course, there is no bomb — it’s an empty threat mailed indiscriminately to companies of all sizes. Cybercriminals count on scaring the victim into a knee-jerk response, because with time to think, they will realize that paying ransom solves nothing — if there is a bomb in the building, it’s not going anywhere.

In terms of structure and delivery method, this type of...

Murmansk: the sunny, windless resort!

Murmansk: the sunny, windless resort!

The other day – finally! – I was back on the road after a six-month hiatus. It wasn’t my usual globetrotting routine, but it was a trip away – on a plane. Up to Murmansk!

It was just a short trip (over a long weekend), whose main purpose was a spot of fishing in the Barents Sea. Actually (and just as I like it), there was another reason for the trip – a spot of business (discussing certain industrial cybersecurity projects). But enough about work already (more on the work topic in an upcoming post from Sochi); today – it’s all about the fishing!…

We flew (yes – it did all feel a bit alien after half a year!) into Murmansk in the dead of night, but...

The tracking pixel in service of cybercrime

The tracking pixel in service of cybercrime

Attackers tend to do painstaking groundwork to engineer business e-mail compromise attacks (BECs). When they pose as someone authorized to transfer funds or send confidential information, their messages need to look as close to legitimate as possible. Details matter.

We recently got our hands on an interesting example of an e-mail sent to a company employee in an attempt to start a conversation.

The text is fairly cut and dried for the type of e-mail in question. The attacker makes it clear that the sender is in a meeting, so not available by other means of communication. They do that to discourage the recipient from checking if they are...

Cybersecurity – the new dimension of automotive quality

Cybersecurity – the new dimension of automotive quality

Quite a lot of folks seem to think that the automobile of the 21st century is a mechanical device. Sure, it has added electronics for this and that, some more than others, but still, at the end of the day – it’s a work of mechanical engineering: chassis, engine, wheels, steering wheel, pedals… The electronics – ‘computers’ even – merely help all the mechanical stuff out. They must do – after all, dashboards these days are a sea of digital displays, with hardly any analog dials to be seen.

Well, let me tell you straight: it ain’t so!

A car today is basically a specialized computer – a ‘cyber-brain’, controlling the...

Transatlantic Cable podcast, episode 158

Transatlantic Cable podcast, episode 158

Dave and I kick off the 158th edition of the Kaspersky Transatlantic Cable podcast by looking at some malware that is now on — gasp — Macs.

In a new post, Patrick Wardle talks about how Shlayer malware was actually approved by Apple. So much for Macs not getting viruses. From there, we move to a story that was practically made for a TV or Netflix movie. The tale looks at espionage and how the FBI and Tesla halted a cyberattack.

Our third story heads to the gaming sector and the illicit marketplace for Fortnite accounts. After that, we discuss a vulnerability in Slack. To close out the podcast, we look at an advisory from the FBI about older daters...

The film ‘From Kurils with Love’ – much of it shot from above.

The film ‘From Kurils with Love’ – much of it shot from above.

Precisely a year ago, a group of like-minded adventurers and I took few weeks to leisurely tour Russia’s far-eastern Kuril Islands on a ship. Click on the link for plenty of pics and words about the expedition, but today I’m not writing about that, I’m writing about something else.

See, the group of like-minded adventurers I was with included a group of curious American documentary makers. Among them: the famous landscape photographer Chris Burkard, the legendary traveler-photographer-climber Renan Ozturk, the documentary filmmaker and conservationist Taylor Rees, their super-professional photography-and-film crew, plus...

Thin clients from a security perspective

Thin clients from a security perspective

The year 2020, with its pandemic and forced self-isolation, has raised a number of fundamentally new questions for businesses. One — has any company ever had to calculate depreciation for employees’ use of home chairs, monitors, and desks before? — has become quite relevant. The greatest burden has fallen on the IT and security departments. The former had little warning they’d have to provide staff with a remote workplace environment, and the latter needed urgently to develop new information security strategies for a world in which the security perimeter is everywhere.

Pessimists predicted the collapse of IT, but that did not happen; for the most...