Kaspersky | Breaking Cybersecurity News | The Hacker News

Kaspersky Lab — We have nothing to hide! Russia-based Antivirus firm hits back with what it calls a " comprehensive transparency initiative ," to allow independent third-party review of its source code and internal processes to win back the trust of customers and infosec community. Kaspersky launches this initiative days after it was accused of helping, knowingly or unknowingly, Russian government hackers to steal classified material from a computer belonging to an NSA contractor. Earlier this month another story published by the New York Times claimed that Israeli government hackers hacked into Kaspersky ’s network in 2015 and caught Russian hackers red-handed hacking US government with the help of Kaspersky. US officials have long been suspicious that Kaspersky antivirus firm may have ties to Russian intelligence agencies. Back in July, the company offered to turn over the source code for the U.S. government to audit. However, the offer did not stop U.S. Dep...

The cold cyber war has just turned hot. According to a story published  today by the New York Times, Israeli government hackers hacked into Kaspersky’s network in 2015 and caught Russian government hackers red-handed hacking US government hackers with the help of Kaspersky. In other words — Russia spying on America, Israel spying on Russia and America spying on everyone. What the F^#% is going around? It is like one is blaming another for doing exactly the same thing it is doing against someone else. Wow! Well, the fact that everyone is spying on everyone is neither new nor any secret. However, somehow now Kaspersky Labs is at the centre of this international espionage tale for its alleged devil role. Just last week, the Wall Street Journal, an American media agency, published a story against the Kaspersky, a Russian antivirus provider, claiming that the Russian government hackers stole highly classified NSA documents and hacking tools in 2015 from a staffer's home ...

Do you know—United States Government has banned federal agencies from using Kaspersky antivirus software over spying fear? Though there's no solid evidence yet available, an article published by WSJ claims  that the Russian state-sponsored hackers stole highly classified NSA documents from a contractor in 2015 with the help of a security program made by Russia-based security firm Kaspersky Lab. Currently, there is no way to independently confirm if the claims on the popular security vendor published by the Wall Street Journal is accurate—and the story does not even prove the involvement of Kaspersky. "As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight," Kaspersky said in a statement. The NSA contractor working with the American intelligence agency, whose identity has not yet been disclosed, reportedly do...

Hit by Jaff Ransomware? Don't pay the Ransom. You can unlock your files for Free! Kaspersky Labs has released an updated version 1.21.2.1 of its free ransomware decryption tool, RakhniDecryptor, which can now also decrypt files locked by the Jaff ransomware . Security researchers at Kaspersky Labs have discovered a weakness in the Jaff ransomware code that makes it possible for victims to unlock their Jaff-infected files for free. First identified last month, Jaff is relatively new ransomware that's being distributed with the help of ' Necurs botnet ' that currently controls over 6 million infected computers worldwide. Necurs botnet is the same botnet – army of compromised internet connected devices – that was used to distribute Dridex Banking Trojan and Locky ransomware , which also infects users’ machines, encrypt files and then demand a ransom before unlocking them. Jaff ransomware (Trojan-Ransom.Win32.Jaff) attack is primarily carried out by sending ...

Russian antivirus vendor Kaspersky Lab is so upset with US software giant Microsoft that the security firm has filed more antitrust complaints against the company. The antivirus firm initially filed a lawsuit late last year against Microsoft with Russian Federal Anti-monopoly Service (FAS) over alleged abuse of Microsoft's dominant position in the desktop market to push its own antivirus software with Windows 10 and unfair competition in the market. Microsoft ships Windows 10 with its own security software Windows Defender, which comes enabled it by default with the operating system. While Microsoft has made some changes in Windows Defender since the initial complaint, Kaspersky Lab is not satisfied with the changes, filing more antitrust complaints against the software giant, this time with the European Commission and the German Federal Cartel Office. Kaspersky Accuses Microsoft of Unfair Competitive Practices The antivirus firm told European antitrust regulators that Mi...

Hackers targeted at least 8 ATMs in Russia and stole $800,000 in a single night, but the method used by the intruders remained a complete mystery with CCTV footage just showing a lone culprit walking up to the ATM and collecting cash without even touching the machine. Even the affected banks could not find any trace of malware on its ATMs or backend network or any sign of an intrusion. The only clue the unnamed bank's specialists found from the ATM's hard drive was — two files containing malware logs. The log files included the two process strings containing the phrases: "Take the Money Bitch!" and "Dispense Success." This small clue was enough for the researchers from the Russian security firm Kaspersky, who have been investigating the ATM heists, to find malware samples related to the ATM attack. In February, Kaspersky Labs reported that attackers managed to hit over 140 enterprises, including banks, telecoms, and government organizations, in th...

Researchers have warned users of Android devices to avoid app downloads from particularly unauthorized sources, since a new and sophisticated piece of malware is targeting Android users through phishing emails . The malware, dubbed SandroRAT , is currently being used by cybercriminals to target Android users in Poland via a widely spread email spam campaign that delivers a new variant of an Android remote access tool (RAT). The emails masquerade itself as a bank alert that warns users of the malware infection in their mobile device and offers a fake mobile security solution in order to get rid of the malware infection. The mobile security solution poses as a Kaspersky Mobile Security , but in real, it is a version of SandroRAT, a remote access tool devised for Android devices, whose source code has been put on sale on underground Hack Forums since December last year. A mobile malware researcher at McAfee, Carlos Castillo, detailed the new variant of Android remot...

A sophisticated cyber spying operation, The Mask , that has been under the radar for about 7 years and targeted approximately 31 countries, has now been unmasked by researchers at Kaspersky Labs . Researchers believe the campaign has been active since 2007 and is a highly sophisticated nation-state spying tool targeting government agencies, diplomatic offices, embassies, private companies, and activists. In the report published by Kaspersky, over 380 unique victims were identified. The name " Mask " comes from the Spanish slang word "Careto," meaning " Ugly Face " or " Mask ," which was found in several malware modules. Developers of The Mask (aka Careto ) used a complex toolset, including advanced malware, bootkits, and rootkits capable of: Sniffing encryption keys Intercepting VPN configurations, SSH keys, and RDP files Monitoring network traffic, keystrokes, Skype conversations, Wi-Fi traffic Capturing screens and tracking file op...

We have a lot of information on Stuxnet virus, a powerful malware that for the first time has shown to governments the capabilities and efficiency of a cyber weapon. Eugene Kaspersky, CEO of Kasperky security firm revealed that Stuxnet had badly infected the internal network of a Russian nuclear plant, according to the information he obtained from an unnamed staffer at the Nuclear Plant. " So unfortunately these people who were responsible for offensive technologies, they recognize cyber weapons as an opportunity ." Kaspersky said. During a presentation given at the Canberra Press Club, Kaspersky provided an excellent overview on the security of cyberspace, in particular highlighting the effect of the activities of state-sponsored espionage and cyber crime. " All the data is stolen, " Kaspersky said. " At least twice ." The malware Stuxnet is widely considered to have been developed by the US Government in a joint work with Israel c...

The cyber Security Analyst  ' Ebrahim Hegazy ' (@Zigoo0) Consultant at Q-CERT has found an " Unvalidated Redirection Vulnerability " in the website of the giant security solutions vendor "Kaspersky". Ebrahim, who found a SQL Injection in " Avira " website last month, this time he found a Unvalidated Redirection Vulnerability that could be exploited for various purposes such as: Cloned websites ( Phishing pages) It could also be used by Black Hats for Malware spreading In the specific case what is very striking is that the link usable for the attacks is originated by a security firm like Kaspersky with serious consequences. Would you trust a link from your security vendor? Absolutely Yes! But imagine your security vendor is asking you to download a malware! To explain how dangerous the situation is when your security vendor is vulnerable, Ebrahim Hegazy sent me a video explaining the malware spreading scenario to simulate...

Tibetan and Uyghur activists are once again targeted with a new malware, specially designed for Android devices. This is the first documented attack that targets Android smartphones . Security researchers at Kaspersky say they've  found a targeted malware attack on Android phones that seems to come from China. The attack relied heavily on social engineering, a kind of verbal manipulation, to hack into their targets’ devices. Malware seeks to steal information like contacts, call logs, and SMS of people who work in the field of human rights. Kaspersky has identified the Trojan as " Chuli ," after a command function that shows up prior to posting stolen data to the command-and-control server at the URL: hxxp://64.78.161.133/*victims's_cell_phone_number*/process.php. On March 24, the attackers infiltrated the email account of a high-profile Tibetan activist, and used that account to send a spear-phishing email to their contacts list. ...

Kaspersky Lab's team of experts recently published a new research report that analyzed that Cyber criminals have targeted government officials in more than 20 countries, including Ireland and Romania with a new piece of malware called ' MiniDuke '. In a recent attack, malware has infected government computers this week in an attempt to steal geopolitical intelligence. The computers were infected via a modified Adobe PDF email attachment, and the perpetrators were operating from servers based in Panama and Turkey. According to Kaspersky Lab CEO Eugene Kaspersky," I remember this style of malicious programming from the end of the 1990s and the beginning of the 2000s. I wonder if these types of malware writers, who have been in hibernation for more than a decade, have suddenly awoken and joined the sophisticated group of threat actors active in the cyber world. " Last week Adobe released an update that patches the Adobe PDF bug (CVE-2013-6040) used in the atta...

FireEye researchers recently came across a zero-day security flaw in Adobe Reader that's being actively exploited in the wild. The zero-day vulnerability is in Adobe PDF Reader 9.5.3, 10.1.5, 11.0.1 and earlier versions. According to researchers, once malware takes advantage of the flaw, its payload drops two dynamic-link libraries, or DLLs, which are application extensions used by executable files to perform a task. In this case, they allow the infected computer to communicate with a hacker-owned server. No additional details about the zero-day vulnerabilities have been publicly released, and but researchers with antivirus provider Kaspersky Lab have confirmed the exploit can successfully escape the Adobe sandbox. " We have already submitted the sample to the Adobe security team. Before we get confirmation from Adobe and a mitigation plan is available, we suggest that you not open any unknown PDF files ," said FireEye team. But until the vulnerability gets patched,...

A new sensational discovered has been announced by Kaspersky Lab’s Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Red October , name inspired by famous novel The Hunt For The Red October (ROCRA) and chosen because the investigation started last October. The campaign hit hundreds of machines belonging to following categories: Government Diplomatic / embassies Research institutions Trade and commerce Nuclear / energy research Oil and gas companies Aerospace Military The attackers have targeted various devices such as enterprise network equipment and mobile devices (Windows Mobile, iPhone, Nokia), hijacking files from removable disk drives, stealing e-mail databases from local Outlook storage or remote POP/IMAP server and siphoning files from local network FTP servers. Accordin...

The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many security experts attribute it to joint work of Israel and US development team. Let's remind that according the analysis on Flame source code conducted by Kaspersky the malware is linked to Stuxnet, a version of the famous virus shared a module with the spy toolkit. Frame is considered one of the most complex spy tool produced by a state sponsored project and its use in the attacks against French government suggests the existence of a cyber espionage campaign to collect sensible information. An official declaration coming from spokesmen of the Elysee Palace and reported by the magazine states: "Hackers have not only managed to get to the heart of French political power,...

When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences. U.S. small businesses should understand they cannot completely remain safe from cyber-threats if they do not take the necessary precautions. Although such threats existed long before malware emerged, data theft, fraud and industrial spying are all now typically conducted through cyber-attacks. The picture painted is of an environment under siege, with an alarming 41% of businesses acknowledging themselves less than ready to face cyber-threats. Kaspersky Lab and B2B International recently conducted a survey among IT professionals working for large and medium-sized businesses to find out what IT specialists thought of corporate security solutions, to determine their level of knowledge about current threats, the sort of problems they most often face, and thei...

Eugene Kaspersky is working with his engineers at Russian security firm Kaspersky Lab to create a secure-by-design OS for ICS. In an interview Kaspersky said ” It’s true no one else ever tried to make a secure operating system. This may sound weird because of the many efforts Microsoft, Apple and the open source community have made to make their platforms as secure as possible. With all respect, we should admit they were developing a universal solution for a wide range of application and various kinds of users. And security and usability is always a matter of compromise! With a universal OS a developer inevitably sacrifices security for usability ." Companies that maintain ICS are forced to try to patch them on the fly in the event of a malware attack, a process usually easier said than done. Instead, Kaspersky suggests that the solution lies in a secure operating system, one in which ICS can be installed. Such an OS could help ensure that industrial systems stay healthy ...