Home » Tag Archives: kaspersky lab

Tag Archives: kaspersky lab

An Overview of Threats Against Companies in This Year 2014

The number of companies who become victims of cyber attacks are rising on this year. Kaspersky Lab Research and B2B International shows 91% of companies surveyed have been victims of cyber attacks at least once within past 12 months, while 9% Others were targeted attacks, ie planned attacks that aims to infect network infrastructure company or organization.

Breadth of digital devices used in many companies has created ideal conditions for cyber spying and launch a malware to steal corporate data. Its have a great potential so that a malicious program could be replace an informant (insider) to obtain the information.

Main Findings the Corporate Threat in This Year:

  • The unfolding of spyware attacks are associated with various governments
  • Most incidents involving cyber criminals aim to steal information
  • Revealed an attack to the contractor, and not to the big company
  • Emerging new actor in APT attack: cyber-army who undertake cyber spying based-on request

In 2013 revealed some spyware attacks are associated with numerous government agencies, either directly or indirectly. Other actors in terms of cyber threat against corporates is the company that using cyber criminals because their competitors wishing to enter the networks.

Cyber-army perform the operation that usually aimed to stealing information. Another attack aimed to sabotaging – using the malicious programs to delete data or block operations infrastructure.

Some programs specifically Trojan was able to steal money through online banking system. The cyber criminals can hack into the company’s websites and redirect visitors to malicious sites, and this action could damage the company’s reputation. Financial loss is generally caused by DDoS attacks, which can shut down the site public utility companies for a few days. As a result, the client switched to another company and this leads to long-term financial losses.

CyberSecurity for the Next Generation in 2014 Held Again

Bring together young researchers, a leading IT security experts and professors from universities around the world in a collaborative environment, fun and creative to discuss the hottest issues on the cyber security held back. Kaspersky Lab has just announced the resumption of the annual competition for students, “CyberSecurity for the Next Generation” for the new academic year.

In 2014, the conference “CyberSecurity” consists of four rounds and one regional global finals. Participants can submit their paper or project starting today via the new online through the following link.

Competition “CyberSecurity for the Next Generation” is open to students around the world, both Bachelor and Magister. The following topics can be submitted by students:

  1. Emerging threats for emerging platforms.
  2. Embedded systems; Mobile security: Android, IOS, Windows Phone; Windows 8, Mac OS & and other OS, etc.
  3. Securing cloud, virtual & ‘big-data’ infrastructure.
  4. Mail services; Storage services; Social Networking, and others.
  5. Future protection technologies.
  6. Proactive detection technologies; Filtering technologies; Web application security, and others.
  7. Securing corporate infrastructure.
  8. Facing advanced persistent threats (APTs) / targeted attacks; vulnerabilities, exploits; rootkits / bootkits; botnets; DDoS attacks; network security, and others.
  9. Security education.
  10. Tools and resources to improve and promote awareness of IT security (Advertising, Marketing)

The whole creation will be judged by a committee of experts at Kaspersky Lab, a leading scholar in the field of IT security, IT decision makers in companies, as well as media representatives. The author of the most interesting projects or papers and most innovative will be invited to attend the regional round of the competition will be done by region, following:

  1. European Cup for the European region: December 2013 – Politecnico di Milano, Italy
  2. Russia & CIS Cup to Russia and the surrounding region: February 2014 – Kiev Polytechnic Institute, Ukraine
  3. Asia-Pacific & MEA Cup for the Asia-Pacific region and the Middle East: March 2014 – Korea University, South Korea
  4. Americas Cup for America: March-April 2014 – Georgetown University, United States

Through the workshop, teamwork activities, as well as attending seminars and panel discussions held by leading experts, this conference provides a unique opportunity for students to demonstrate their knowledge of research and in front of the leading academics and industry experts, and opening the door to new job opportunities and interest in IT security fields.

For the regional round winner, will receive a cash prize and the opportunity to participate in the international finals to be held in June 2014 in Stockholm, Sweden by presenting the best works of the regional round.

Last year, FirmanAzhari from Bandung Institute of Technology, won the final round of world events “CyberSecurity for the Next Generation” held at Royal Holloway, University of London on 24 to 27 June 2013. His work entitled “Security Vulnerability Detection of Near Field Communication applications in Indonesia” that addresses the protection for electronic payment (e-payment) and the data of electronic identity (e-identity) managed to steal the attention of jury. He beat other participants from around the world.

For more information on “CyberSecurity for the Next Generation – 2014” and a variety of other initiatives in the field of education held by Kaspersky Lab, please go to the following link:

facebook.com / KasperskyStudentConference

How to Secure Online Transactions? Tips to Securing and Vulnerabilities

Can not be denied, the number of users online transactions each year continues to increase. Harris Interactive survey conducted in February-March 2012 said there were 57 percent of Internet users who manage bank accounts online and make online shopping. Of these, about 31 percent admitted they store data banking on the hard drive.

Therefore not surprising that banking information is very tempting targets for cyber criminals. The target was none other data such as login passwords, code validation and confirmation of transactions that they could use to fake himself as the owner of an electronic account. In addition, e-mail is also often used as one of the simplest ways to get financial information.

E-mail like this usually contains a message that entices the recipient to provide personal information or visit the official website of a particular bank. Another way is to include a link that directs consumers to third party sites that contain malicious programs. The cyber criminals can steal information from infected systems, by means similar with theft information through websites ‘official’ that they make, or make the interception of information typed through a browser. Interception can also be done directly using a keylogger.

One of the trojan that took part in a theft trick this is Trojan-Banker.MSIL.MultiPhishing.gen. This Trojan detected by Kaspersky Lab experts in January 2012 ago. This Trojan is designed to steal credentials major banks in Europe.

So, although this trojan has entered into a victim’s computer, but this trojan will not be activated immediately, but waits until the user is logged into one bank online services. How it works, the trojan will display a window that mimics the bank authorization form that is accessible, while the original windows from bank will be closed by this trojan. This Trojan can be detected by antivirus registered in England.

To protect customers from threats that exist when doing online banking, some banks apply to their own protection. For example, multiple authentication which requires customers to use two passwords. The first and second login to confirm payment or other transaction.

This can be combined with one-time password system that sent the bank to make cell phone customers every single transaction. Another way is to give a token to its customers to generate passwords on request. In addition, for the outside teller transactions, such as online banking, mobile banking, SMS banking and others, banking uses SSL secure connection that reduces risk of Data theft during transmission.

To ensure the security of your banking information – and the system you use – it takes a reliable antivirus solution with a reliable Internet security. This solution should be able to protect your computer from malicious software, network attacks and malware in e-mail traffic using traditional technology and proactive. You also need an antivirus program that can protect you while exploring the virtual world. To overcome the keylogger can intercept data to typed on your keyboard, you can use a virtual keyboard.

Safe Money Kaspersky provides technology designed to protect banks and other financial information during transactions. Some of the protection offered by this solution are:

  • Database address of bank and trusted e-payment system that can be modified by the consumer;
  • Tools to verify the identity of a server;
  • Tools to scan your computer and look for vulnerabilities that affect the security of online banking;
  • Protection of the browser creates an isolated environment for bank sites, payment systems and online stores;
  • Features that protect the Secure Keyboard Data entry with the help of a special drive and mouse-driven virtual keyboard.

Duqu Trojan Use an Unknown Programming Language

Some time later, Duqu Trojan increasingly popular as a dangerous malware targeting intelligence. Duqu was first discovered in September 2011. However, according to Kaspersky Lab, the Duqu trace have been tracked since August 2007. Kaspersky Lab found that Duqu Trojan written in a programming language that is not known. Duqu a sophisticated Trojan that was created by the same people who make Stuxnet. This malware has goal as a system backdoor and facilitate the stealing confidential data.

Kaspersky recorded the biggest victims in Iran. Duqu generally looking for information about production management systems in various industrial sectors, as well as information about trade relations between the several companies in Iran.

The unsolved biggest mystery of Trojan Duqu is how the program communicates with the server Command and Control (C&C) when successfully infect a victim. Duqu module whose role is to interact with the C&C is part of the payload DLL Duqu. After a comprehensive analysis of payload DLL, Kaspersky Lab researchers found there was a special section in payload DLL, specifically communicating with C&C, written in a programming language that is not known. Kaspersky Lab researchers call this unknown part as “Duqu Framework”.

Unlike other Duqu, Duqu Framework is written in C++ and compiled with Visual C++ 2008 Microsoft. Author Possible uses in-house framework to generate intermediary C code, or use a programming language that is completely different. However, the researcher Kaspersky Lab has stated that the language is object-oriented and conducted a number of activities in accordance with the application network.

Duqu Framework Language very special and Payload DLL allows to operate independently with other Duqu module and connect it to the C&C through several channels such as Windows HTTP, network sockets and proxy server. It also allows Payload DLL process the request HTTP server directly from the C&C, secretly move the duplicate information that was stolen from the infected to the C&C, can even distribute the payload other hazardous into other devices in the network, and creates a form of control and the latent spread infection to other computers.

“Given the scale of Duqu project, possibly who created Duqu framework is its own team that different than group that created the driver and writing system infection that exploited,” said Alexander Gostev, Chief Security Expert Kaspersky Lab. “Given the high level of customization and exclusivity on the programming language was created, it is possible this program was created not only to prevent outsiders know the spying cyber operations and its interaction with the C&C, but also to distinguish it from others internal groups Duqu are responsible for writing other part of this program.”

According to Alexander Gostev, making its own programming language shows how high the ability of developers program working on this project, and demonstrate the ability of financial and human resources are mobilized to ensure the project runs.

Kaspersky Lab invites community of programmers or anyone who recognizes the framework, toolkit or unknown programming language Duqu Trojan to contact stopduqu@kaspersky.com.

Independent research choosing Kaspersky Mobile Security As One Of The Best Program

Many selection programs for Android can outwit the protection of consumers. However, recent testing shows that the solution from Kaspersky Lab is the ultimate. Recent independent studies of AV-Test.org choose Kaspersky Mobile Security as one of the two products (from 41 samples), which successfully handles all the malicious programs. Other products fail to provide protection, even the most basic protection, against malicious programs that target mobile devices. Overall, testing by AV-Test.org conducted earlier in 2012, gives ‘green light’ only to the seven products, while 18 only solution capable of detecting less than 40% of hazardous samples and six of them had failed to identify malicious code.

Victor Dronov, Senior Product Manager, Kaspersky Lab, said, “The amount of the sample malware for mobile devices in our database has reached more than 10 thousand. We therefore believe to have Android smartphone protection solution for you is very important. We are very pleased with the results of independent testing conducted by AV-Test.org. They prove the efficiency of our products, and provide support to the combined technologies of traditional protection and a new cloud-based protection we launch. It also shows that our product is the market leader of products, either for free or paid products”.

Recently AV-Test.org evaluated the free antivirus against Kaspersky Lab, and others vendor, and found that tightening costs in terms of protection proved futile than when investing in online security. Further evaluation of this show as much as possible the experts analyze the products. To provide the most accurate results, more than 600 rogue applications selected from 20 ‘families’ various malicious malware, malware it is a common and are found everywhere. Environmental testing including Android-based Android emulator 2.3 and two based smartphone Android 2.2 and 4.0. The ability to detect malicious applications are evaluated during the scan, but in some cases (when scanning can not be done by appropriate) experts should perform the analysis manually.

The test results show that even including a paid product, the results are not much different from the previous test results, many free and paid products from vendors who are less well-known and well-known powerless to provide protection in the real world, unable to identify a variety of malware samples. Surprisingly, the six programs do not detect malicious applications at all. For 12 other programs, their detection capabilities are under 40%. Kaspersky Mobile Security is one of the two products successfully detect all malicious programs on Android.

The full results of the evaluation Android protection solutions available in the AV-Test.org website: http://www.av-test.org/fileadmin/pdf/avtest_2012-02_android_anti-malware_report_english.pdf.

Banker Trojan targeting Online Banking Customer Data

Be careful and always be vigilant when using Online Banking service. Because according to the Kaspersky Security Network in last 3 months, banker Trojans detected in about 2,000 computers per day targeting customer data.

Kaspersky Security Network Data says that there are 780 marks a new malicious programs, which targeting sensitive financial information, get into Kaspersky Lab database. This is equal to 1.1% of total malware detected by Kaspersky software.

In January, Kaspersky Lab experts have found Trojan.Banker.MSIL.MultiPhishing.gen designed to steal data such as bank details of customers a variety of bank like Santander, HSBC Bank UK, Metro Bank, Bank of Scotland, Lloyds TSB and Barclays.

Once inside computer, the Trojan will wait for online banking services to start working. This malware will then bring a copy of display format of the bank authorization. To ensure data, Trojan would do checking data entered. In this way the actors managed to obtain confidential information that gives them full access to customer bank accounts.

This Trojan is mainly targeting customers in the UK, with more than 90% antivirus detection. Not only England, banker Trojans is also targeting online banking users around the world. The most frequent targets of this malware are in Brazil (16.9%), followed by Russia (15.8%) and China (10.8%).

Kaspersky Lab warned computer users to be more careful to keep the information secret, and more careful attention to an online format that asks unusual data.