Security News
Q3 beat every record in terms of daily number of DDoS attacks, according to a new report from Kaspersky. The total number of DDoS attacks was up 24% compared to Q3 2020 while the number of advanced, "Smart" attacks was up 31% over the same time period.
Kaspersky said today that a legitimate Amazon Simple Email Service token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. Amazon SES is a scalable email service designed to allow developers to send emails from any app for various use cases, including marketing and mass email communications.
Security outfit Kaspersky has presented research on what appears to be the second new tool of the Nobelium advanced persistent threat group outed so far this week - a piece of malware dubbed Tomiris. The new malware is linked to an earlier tool known as Sunshuttle, itself a second-stage successor to the Sunburst malware used in the high-profile supply-chain attack carried out on SolarWinds' Orion IT monitoring system last year.
Kaspersky has presented the findings of an eight-month probe into the FinFisher spyware toolset - including the discovery of a UEFI "Bootkit" infection method and "Advanced anti-analysis methods" such as "Four-layer obfuscation." The toolkit receives frequent updates to evade detection and add new functionality, with Kaspersky having previously investigated a 2019 update which boosted its spying capabilities to include chat, physical movement, microphone, and camera access, alongside locally stored data capture and exfiltration.
A flaw in the MSHTML engine that lets an attacker use a malicious Office document to install malware is currently being used against the energy, industrial, banking, medical tech, and other sectors. A recently reported security vulnerability in Microsoft's MSHTML browser engine is being found all over the world, and Kaspersky said it "Expects to see an increase in attacks using this vulnerability."
Using data gathered by its Privacy Checker website, Kaspersky has been able to pinpoint areas of concern for visitors seeking to improve their privacy posture. Using data gathered over nearly two years, Kaspersky said that its Privacy Checker website indicates that most visitors are concerned over mobile operating system privacy and the privacy of their data captured by Google.
With Kanye West's latest album, "Donda," due out imminently, cybersecurity company Kaspersky has taken the time to investigate whether cybercriminals were taking advantage of the hype to spread malicious files, a la "Black Widow." It found that, while the number of scams wasn't huge, they do exist and take several different forms. In the case of Kanye's latest release, Kaspersky found fake downloads just like those found in the days immediately preceding the release of "Black Widow." Two particular adware files were named by Kaspersky, Download-File-KanyeWestDONDA320.
Security researchers at Kaspersky have identified a widespread cyberespionage campaign that targets government offices in Asia; the cybersecurity attack starts with a spearphishing email. Kaspersky analysts explained the LuminousMoth attack on the SecureList blog and suggested that the lopsided numbers between the two countries could be due to an additional and unknown infection vector used only in the Philippines.
On the eve of its actual release, the scams have begun anew. Superhero film "Black Widow" is finally getting its official release on July 9, and Kaspersky is warning that scammers are using the highly anticipated movie as a way to make off with watcher's credit card information and commit other cybercrimes.
A vulnerability in the Kaspersky Password Manager resulted in the created passwords being weak enough to allow an attacker to brute-force them in seconds, a security researcher claims. Developed by Russian security firm Kaspersky, the Kaspersky Password Manager allows users not only to securely store passwords and documents, but also to generate passwords when needed.