What is Log4Shell and why is it still dangerous a year later?
A year ago, in December 2021, the Log4Shell vulnerability (CVE-2021-44228) in the Apache Log4j library caused a sensation. Although by the spring it was no longer on the front pages of IT media outlets, in November 2022 it reemerged when it was reported that cybercriminals had exploited the vulnerability to attack a US federal agency…
Safely upgrading OT Infrastructure | Kaspersky official blog
Such a statement might at first seem strange – especially from someone who’s been a mover and shaker since the very earliest days of all things viruses and anti-virus in the late eighties and early nineties. However, if you dig a little deeper into the AV (RIP) topic and consult some authoritative sources in the…
Local government cybersecurity: 5 best practices
It seems like not a day goes by where we don’t hear about a local government cyberattack. Indeed, from 911 call centers to public schools, cyberattacks on local governments are as common as they are devastating. Just how often do threat actors attack local governments? A survey of 14 mainly larger US local governments found…
Maui and DTrack malware in the service of Andariel | Kaspersky official blog
Our experts investigated the activity of Andariel, believed to be a subgroup of the Lazarus APT group. Cybercriminals use DTrack malware and Maui ransomware to attack businesses worldwide. As it’s typical for Lazarus, the group attacks for financial gain — this time through ransom demands. Targets of Andariel attacks Our experts concluded that, instead of…
DogWalk and several vulnerabilities in Exchange
With this August patch Tuesday Microsoft fixed more than a hundred vulnerabilities. Some of the vulnerabilities require special attention from corporate cybersecurity personal. Among them there are 17 critical ones, two of which are zero-days. At least one vulnerability has already been actively exploited in the wild, so it would be wise not to delay…
Ransomware protection with Malwarebytes EDR: Your FAQs, answered!
We get a few questions about ransomware protection and how our Endpoint Detection and Response software can protect you from ransomware. In this post, our security experts answer some of your most frequently asked questions about ransomware and how our EDR can help—let’s get started. Q: When considering an EDR solution, what anti-ransomware features should…
Cybersecurity in the TV miniseries Obi-Wan Kenobi | Kaspersky official blog
Obi-Wan Kenobi is set ten years after the proclamation of the Galactic Empire, and nine years before said Galactic Empire left the critical infrastructure facility DS-1 Orbital Battle Station (more commonly known as the Death Star) so scandalously vulnerable that it was attacked and largely destroyed by the Rebel Alliance. I watched the series in…
Demo: Your data has been encrypted! Stopping ransomware attacks with Malwarebytes EDR
It’s no secret that ransomware is one of the most pressing cyber threats of our day. What worse, ransomware gangs have increased their attacks on a range of vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. With Malwarebytes Endpoint Detection and Response, however, you can fight—and defeat—advanced ransomware that…
How to choose an XDR vendor | Kaspersky official blog
XDR (Extended Detection and Response) technology has already become one of the most conspicuous in the cybersecurity market. Its main advantage is its comprehensive approach to countering sophisticated cyberattacks. This is achieved by maximizing control over potential entry points and through the use of top-of-the-line tools for incident detection, threat hunting, investigation and response within…
HermeticRansom used as a smokescreen for wiper attacks | Kaspersky official blog
Our researchers analyzed the HermeticRansom malware also known as Elections GoRansom. By and large, this is a fairly simple cryptor. What is interesting in this case is the purpose for which attackers are using it. HermeticRansom goals HermeticRansom attacked computers at the same time as another malware known as HermeticWiper, and based on publicly available…