Showing results for tags 'kaspersky'.

Found 115 results

  1. Kaspersky [Medicine-Discussion-Knowledge Base Info]

     Official Download Links: Kaspersky KAV,KIS,KTS 2017 Inc. Patch D Without Secure Connection [English] http://textuploader.com/d5e91 Download Links: Kaspersky 2017 MR0 Patch d Offline Download Links Digital Signatures from 22 March 2017 [English] Kaspersky 2017 MR0 en-us l KIS or KIS l KAV l KTS5 l KSOS l release notes l

     Kaspersky 2016 MR1 en-us l KIS l KAV l KTS5 l release notes l Kaspersky 2015 MR2 en-us l KIS l KAV l KTS5 l release notes l Kaspersky 2017 MR0 Other Available Languages Official Download Links Kaspersky 2016 MR1 Other Available Languages Official Download Links If you already had previous version of Kaspersky I strongly suggest to use Removal tool to Uninstall Kaspersky Lab products >>> [More Info & Download Link] KIS/KAV 2014-2015-2016-2017 90 Days OEM Trial Keys:

     Kaspersky 2016 Activation Medicine: Kaspersky Reset Trial [Multi]: OS: Windows XP, Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2003 Bit OS: 32 (x86), 64 (x64) Development Team: leo1961 >> , Streamdat, Maksim1876. : ) Interface Screenshots: Supported anti-virus products / Version History Instruction: Download Link: Kaspersky Reset Trial

     Kaspersky Promotions / Giveaways: Kaspersky Total Security - Multi-Device 90 Days Activation Code Kaspersky Internet Security – Multi-Device 2016 60 days Promotional Key(s) Kaspersky All Product Latest Promotional Giveaways

     Kaspersky 2015 MR2 >>>

     Kaspersky Tools/Important Post Replies/Knowledge Base Information: Kaspersky Small Office Security (5) Final Kaspersky 2015 MR2 (Android) Kaspersky Antivirus & Security Kaspersky 2018 Technical Preview (Beta)

     Kaspersky Virus Removal Tool [Free] Some Useful Kaspersky Product Tools Kaspersky 2017 Dark Skin How to Stop and Disable Kaspersky 2017/2018 Secure Connection How to disable daily trial notification in Kaspersky 2018 v18.0.0.x products [KTS/KIS/KAV] How to disable daily trial notification in Kaspersky 2017 v17.0.0.x products [KTS/KIS/KAV] Kaspersky prevents the opening of some sites and Google Search How to restore default settings -Import-Export Setting in Kaspersky Kaspersky Extract Code by leo1961 How to manually install Kaspersky Beta Patch Disable registration requirement in Kaspersky 2016 v16.0.1.x products [KTS-KIS-KAV] How to create exclusion rules in Kaspersky Kaspersky Trial is expired and disable and Self-Defense function not available Kaspersky 2016 Official Useful Info - Tips - Instructions How to block Internet access using Firewall How to configure Kaspersky Internet Security 2016 for better performance of your computer How to configure Automatic Exploit Prevention in Kaspersky Internet Security 2016 How to change the network status How to disable news/promotional notification How To Disable Last License Notification Time Kaspersky 2016 Private Browsing [New Feature] & Pop Up Blocking Option Version designations of Kaspersky How to enable or disable downloading new versions of Kaspersky Migration Upgrading Between Kaspersky 2016 Product KIS-KAV-KTS Compatibility of Kaspersky Anti-Virus and Comodo Firewall How To Gather Offline Databases From Previous Installed Kaspersky Products How To activate Kaspersky & Bypass Region Mismatch Error Kaspersky Small Office Security Final How to use .lic file to activate Kaspersky Product & activation backup / restore Kaspersky application automatically downloads new version and installs it on top of the current one Kaspersky Rescue Disk 10.x.xx.xx [updated every Sunday] Kaspersky Anti-Virus 2016 for free for three months [French Promotion] Kaspersky Free Anti-Virus (KFA) / 365 2016 MR1 [EN Localization]

     november_ra1n 17 July 2015
  2. Kaspersky Endpoint Security 10 Service Pack 2 for Windows

     Kaspersky Endpoint Security 10 Support >>>
     Homepage: http://aes.kaspersky-labs.com/english/endpoints/kes10windows/

     Kaspersky Endpoint Security 10 SP2 English Download Link:
     AES256 encryption (English): http://aes.kaspersky-labs.com/english/endpoints/kes10windows/kes10winsp2_en_aes256.exe
     AES56 encryption (English): http://aes.kaspersky-labs.com/english/endpoints/kes10windows/kes10winsp2_en_aes56.exe

     Other Languages Download Links: http://aes.kaspersky-labs.com/

     Release Notes: Kaspersky Endpoint Security 10 Service Pack 2 for Windows Version 03/28/2017

     How to activate using key files:
     1. Click License Tab on the left corner
     2. Click the red cross to delete the existing trial or block keys.
     3. Hit Activate the application under a new license
     4. Click activate with a key file and browse the key file Next to activate

     How to renew activation code for Kaspersky Endpoint Security 10 for Windows
     Activate Via Key File: https://support.kaspersky.com/us/13085#block1

     MEDICINE: Key file download Links see the topic reply there --> How to Activate Via Key File
  3. Kaspersky Lab is announcing the beta testing of Kaspersky Anti-Ransomware tool. Testing is scheduled for 09/08/2016 - 31/12/2016. Kaspersky Anti-Ransomware Tool for Business is a program designed to protect the users’ computers from known malware of ransomware type.

     KEY FEATURES
     • Freeware and lightweight solution
     • Ransomware detection close to premium business product (KES for Windows)
     • Protection technologies: File AV (KSN based) + System watcher
     • Compatible with 3rd party Endpoint security solutions
     • Most popular client OS support: Win 7-10 (Including Anniversary Update)
     • Email reports on detection to Administrator

     LIMITATIONS
     • No central management (remote silent install, configuration)
     • No technical support (forum support for public beta will be available)
     • Localizations: English only

     DOWNLOAD
     To download product you need to perform initial registration. Please kindly visit the following site and perform all registration steps: https://go.kaspersky.com/Anti-ransomware-tool.html

     More info: https://forum.kaspersky.com/index.php?showtopic=355273 & http://www.kaspersky.com/about/news/product/2016/kaspersky-anti-ransomware-tool-available-free-of-charge-for-businesses
  4. Microsoft has already made some changes to address complaints, Kaspersky says Security vendor Kaspersky Lab won’t file a complaint against Microsoft for its antivirus practices in Windows 10, as the software company has made changes to address a number of reported problems, founder and Chief Executive Eugene Kaspersky was quoted as saying by Reuters. In a blog post published last November, Kaspersky accused Microsoft of abusing its dominant position in the software market to push Windows Defender as the preferred antivirus solution in Windows 10, while also explaining that users end up being exposed to security risks due to some third-party security products being removed when updating to newer OS releases. Kaspersky called Microsoft’s approach abusive, describing how Windows Defender is automatically enabled on a Windows system when licenses for their third-party antivirus are close to coming to an end. “It’s a big deal because this is the crucial period during which a significant number of users seek extensions of their security software licenses. And if a user forgets to renew a license, then Microsoft deactivates the existing AV, and turns on Defender,” he said. Microsoft makes changes to address complaints It turns out, however, that Microsoft has contacted Kaspersky and the two companies worked together on a number of improvements that are already implemented, though no specifics on this have been provided. “They are listening to us and they made a few changes. It's an ongoing process. Of course if Microsoft agrees to all our requests we will not file it,” Kaspersky said. Although Kaspersky now says that no antitrust complaint would be submitted to the European Commission, his initial announcement in late 2016 revealed some antitrust bodies had already been notified. 
“We’ve taken the decision to address official bodies in various countries (including the EU and Russia) with a request to oblige Microsoft to cease its violation of anti-competition legislation and to remove the consequences of that violation,” he said at that point. Microsoft hasn’t yet issued a statement on the possible collaboration with Kaspersky, and the European Commission also refused to confirm whether a complaint was received or not. Source
  5. https://translate.yandex.com/translate?url=http%3A%2F%2Fe-kaspersky.livejournal.com%2F371109.html&lang=ru-en
  6. Kaspersky Small Office Security (5) Final

     Kaspersky Small Office Security 5 Build: Date: 7/4/2016 More Screenshots: Release Notes WHAT'S NEW IN KASPERSKY SMALL OFFICE SECURITY

     Download Links: Kaspersky KAV,KIS,KTS,KSOS 2017 Inc. Patch D Without Secure Connection ENG http://textuploader.com/d5e91 Thanks to @vkarthik posting files.. : )

     Offline Download Links [All Available Languages]: https://www.kaspersky.com/small-business-security/downloads/small-office-security

     Medicine: Kaspersky Reset Trial [Multi] see the link in dedicated Kaspersky Topic posted there -->

     KSOS 5 --> 90 days Trial Keys 5 Device:
  7. Details regarding the investigation are murky, but according to the Russian newspaper that quotes anonymous sources, Stoyanov was involved in facilitating the transfer of funds from foreign companies to Mikhailov's accounts. According to Stoyanov's LinkedIn account, before serving as Head of the Computer Incidents Investigation Team at Kaspersky, he worked as Deputy Director for a company called Indrik, but also as a Major in the Ministry of Interior's Cyber Crime Unit. In the past few years, Kaspersky Lab has worked very closely with Russian authorities to track down and help authorities arrest criminals spread across Russia. The most recent high-profile arrests where Kaspersky collaborated with Russian law enforcement include the apprehension of over 50 individuals in May 2016, tied to the creation of the Lurk banking trojan and the Angler exploit kit. Article source
  8. Kaspersky is moving to fix a bug that disabled certificate validation for 400 million users. Discovered by Google's dogged bug-sleuth Tavis Ormandy, the flaw stems from how the company's antivirus inspects encrypted traffic. Since it has to decrypt traffic before inspection, Kaspersky presents its certificates as a trusted authority. If a user opens Google in their browser, for example, the certificate will appear to come from Kaspersky Anti-Virus Personal Root. The problem Ormandy identified is that those internal certificates are laughably weak. "As new leaf certificates and keys are generated, they're inserted using the first 32 bits of MD5(serialNumber||issuer) as the key ... You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial," he writes here. Ormandy's bug report gave, by way of demonstration, a collision between Hacker News and manchesterct.gov: "If you use Kaspersky Antivirus in Manchester, Connecticut and were wondering why Hacker News didn't work sometimes, it's because of a critical vulnerability that has effectively disabled SSL certificate validation for all 400 million Kaspersky users." Kaspersky fixed the issue on December 28. Source
  9. At last – we’ve done it! I’ve anticipated this day for ages – the day when the first commercially available mass market hardware device based on our own secure operating system landed on my desk. And here she is, the beaut. This unassuming black box is a protected layer 3 switch powered by Kaspersky OS and designed for networks with extreme requirements for data security. And there’s plenty more in the pipeline where this came from too, meaning the tech will be applied in other Internet-connected bits of kit, aka the Internet of Things (IoT). Why? Because this OS just so happens to be ideal for applications where a small, optimized and secure platform is required. The operating system boasts several distinctive features. Let me run through the main ones briefly… First, it’s based on microkernel architecture, which allows assembling ‘from blocks’ different modifications of the operating system depending on a customer’s specific requirements. Second, there’s its built-in security system, which controls the behavior of applications and the OS’s modules. In order to hack this platform a cyber-baddie would need to break the digital signature, which – any time before the introduction of quantum computers – would be exorbitantly expensive. Third, everything has been built from scratch. Anticipating your questions: not even the slightest smell of Linux. All the popular operating systems aren’t designed with security in mind, so it’s simpler and safer to start from the ground up and do everything correctly. Which is just what we did. And just the other day we celebrated the birth of this new OS! The very first meeting held regarding this project took place 14 (fourteen!) years ago almost to the day – on November 11! Not that we’ve been diligently coding and testing since then; in that amount of time with sufficient resources you could see several projects through to the end and update and improve them all several times over! 
No, in the first several years not a single line of code was written. We met from time to time, discussed technical details, architecture, and drew pretty pictures on large sheets of paper. Then we built up a team – very slowly, since OS specialists are few and far between. And onwards we move, slowly but surely. Fast forward several years, and today we aren’t simply celebrating the latest team discussion, but our first commercial hardware device actually ready! November 11 is of course easy to remember as it’s 11-11. Which is the birthday of our big, ambitious project. Indeed, within the company the project is known simply as ’11-11′. 14 years is a serious age for any project. Looking back it seems so quaint now how at the start we argued about the architecture and the basic parameters of the future OS and felt a little bit like… alchemists with compasses trying to make squares out of circles. The question to which we were searching for an answer was this: how can we build an operating system that will be impossible to hack in principle? Is it possible in practice? Meanwhile, all around this alchemy folks were fairly astonished: just what were we thinking? We’d decided to make an unhackable platform and ruin our other security business model?! Indeed, we were often asked why such an OS is really necessary. Here’s why: Once, cyberthreats targeting critical infrastructure, telecoms and other modern-life-essential systems looked mostly like science fiction. No one – besides us paranoids (actually, and also the most advanced hackers, cyber-spies and cyber-militaries) really had any idea that data security could directly affect physical security. Nor were they aware that literally all digital systems in existence around the world can be hacked. After all, we started our project long before Stuxnet, and even before Die Hard 4, where the cyber-baddies hacked and wrecked critical infrastructure. 
But as time has passed the general level of understanding of the threats has gradually – and increasingly conspicuously – risen… The serious problem of security of critical infrastructure started to be discussed at high-profile international conferences. Then, gradually, the topic started to spread into the imaginations of Hollywood (Die Hard 4, Skyfall…). Next, literally in the last year to 18 months, attention has risen still further – exponentially – to finally make the topic of cybersecurity one of the main topics at various top-level international summits and meetings of world leaders. Meanwhile, quietly in the background all this time, alchemists KL experts were toiling away in their workshops edging ever nearer to the unveiling of our very own OS! We realized that the operating system needed to have lots of different applications. First, it should provide a basis for the development of protected industrial control systems. Second, it should provide a basis for the development of protected embedded devices, including the IoT. Btw, the recent DDoS attack on Dyn’s DNS servers, which brought down sites like Amazon and Twitter, was carried out by a botnet that had infected ‘smart’ (actually, rather stupid:) devices like IP-cameras. The attack generated an astounding 1.2 terabytes a second – the biggest DDoS in history. So, I’m hoping it’s obvious by now how protecting the IoT and, of course, critical infrastructure (industry, transport, telecoms, etc.) from IT threats is simply mandatory. I also hope it’s clear that it’s better – no matter how difficult – to build IoT/infrastructure devices from the very beginning in such a way that hacking them is practically impossible. Indeed, that is a fundamental goal with Kaspersky OS. That was all mostly a teaser really. Coming up soon – more details about our secure operating system. Article source
  10. Antivirus Firm Kaspersky launches Its Own Secure Operating System

     The popular cyber security and antivirus company Kaspersky has unveiled its new hack-proof operating system: Kaspersky OS. The new operating system has been in development for the last 14 years and was designed from scratch rather than relying on Linux. Kaspersky OS makes its debut on a Kraftway Layer 3 Switch, CEO Eugene Kaspersky says in his blog post, without revealing many details about its new operating system. The Layer 3 switch is the very first tool for running the Kaspersky OS, which is designed for networks with extreme requirements for data security and aimed at critical infrastructure and Internet of Things (IoT) devices. What's new in Kaspersky OS compared to others? Kaspersky OS is based on Microkernel Architecture: The new secure OS is based on microkernel architecture that enables users to customize their own operating system accordingly. So, depending on a user's specific requirements, Kaspersky OS can be designed by using different modification blocks of the operating system. Kaspersky OS is non-Linux: Yes, one of the three major distinctive features of the new OS mentioned by Kaspersky is that the GUI-less operating system has been constructed from scratch and does not contain "even the slightest smell of Linux." But what makes Kaspersky OS Hack-Proof? It is the operating system's inbuilt security system. Yes, Kaspersky OS inbuilt security system has the ability to control the behavior of applications and the OS modules. Kaspersky OS claims to be a practically unhackable OS, because for gaining unauthorized access, any hacker would need to break the digital signature of an account holder, which is possible only with a quantum computer. Kaspersky talked about the recent DDoS attacks that affected numerous websites in the past few months. He guaranteed that Kaspersky OS would protect devices, such as industrial control systems, SCADA or ICS, and IoTs, from cyber attacks. The most severe one was the recent massive DDoS attack on Dyn's DNS servers, which knocked down popular sites like Amazon and Twitter. The attack was carried out by Mirai botnets that had infected smart devices like security cameras. So, Kaspersky says it is mandatory to protect the IoT and other critical infrastructure (like industry, transport, and telecoms) from IT threats. More details about Kaspersky's secure operating system are coming soon. Stay Tuned! Source
  11. Case “opened” against Microsoft, FAS Russia announces

     Microsoft’s problems in Russia continue, as the Federal Antimonopoly Service has decided to start an investigation against the Redmond-based software giant amid claims of unfair practices regarding antivirus software in Windows 10. Russian-based security company Kaspersky complained that Microsoft is abusing its dominant position by forcing users to stick with Windows Defender in Windows 10, while also implementing changes that impact the adoption of third-party software. Founder Eugene Kaspersky explained that Microsoft has reduced the period of time the company offered to software developers for testing purposes from 2 months to 7 days, and this led to many security apps being flagged as incompatible and replaced with Windows Defender. The Federal Antimonopoly Service (FAS) is now investigating these claims, explaining that Microsoft might violate Part 1, Article 10 of the Federal Law regulating protection of competition. The law “prohibits actions (omissions) of an economic dominant with the dominant position that lead or can lead to preventing, restricting, eliminating competition and (or) infringing the interests of other persons (economic entities) in business activities or consumers at large.” Equality for all companies in Russia Russia says that it’ll look into accusations as it wants “equal conditions” for all companies doing business in the country. “Since Microsoft itself develops antivirus software - Windows Defender that switches on automatically if third-party software fails to adapt to Windows 10 in due time, such actions lead to unreasonable advantages for Microsoft on the software market. Our task is to ensure equal conditions for all participants on this market,” Deputy Head of FAS Anatoly Golomolzin explained in a statement. 
This isn’t Microsoft’s only problem in Russia, as the government has recently announced that it would ban LinkedIn, the service that Redmond purchased earlier this year, after it failed to move user data on local servers and comply with Russian laws. Furthermore, Microsoft is at the center of Russia’s push off foreign software, with President Vladimir Putin himself seeing the software giant as a main threat to national security, as he believes that products such as Windows and Office could be used by other governments to spy on the country. Microsoft hasn’t yet issued a statement on Kaspersky’s claim or on this investigation started by Russia, but we’ve already contacted the company and we’ll update the article when an answer is received. Article source Kaspersky vs Windows Defender
  12. Russian antivirus vendor Kaspersky Lab has asked antitrust regulators in various countries (including the European Union and Russia) to make Microsoft stop giving an unfair advantage to Windows Defender. Microsoft is making it hard for independent virus vendors to compete with Windows Defender, Microsoft’s own antivirus application built-in to Windows 8 and Windows 10, according to founder of Kaspersky Lab, Eugene Kaspersky. For example, when users upgraded to Windows 10, their own antivirus product was disabled and Windows Defender was enabled by default. Another showcase of Microsoft’s way of making it harder to compete is that antivirus companies only received a week to make their antivirus software compatible with Windows 10. And even when the antivirus software was compatible, Windows Defender would be enabled nevertheless. If Windows Defender was disabled (and other antivirus software was running) it would show a warning, asking the user to uninstall their antivirus software and to turn on Windows Defender. Kaspersky argues that many users would think, “well, it’s from Microsoft – the people who make the OS; must be good; no harm in turning it on for sure”. Another complaint Kaspersky has is that Microsoft has limited the possibilities antivirus companies have to warn users that their license is about to expire. Microsoft only allows a warning in the Windows Security Center, which normally users hardly ever read. If the user doesn’t timely extend his license, the antivirus software is disabled and Windows Defender is activated. Kaspersky also criticizes the fact that Microsoft has limited the number of virus scanners users can have on a single system. One antivirus application is normally allowed, except for Microsoft’s own Windows Defender. Even when another antivirus application is installed, Windows Defender will occasionally become active and again ask the user to turn on Windows Defender and uninstall other antivirus applications. 
And all of it is not even beneficial to the user. “Defender gives by far not the best experience, but a below average one in the market,” Kaspersky writes in a blog titled, ‘That’s It. I’ve Had Enough!’ He also has an idea what Microsoft is up to, “The trend is clear: Microsoft is gradually squeezing independent developers out of the Windows ecosystem if it has its own application for this or that purpose.” Kaspersky goes on stating, “The company’s [Microsoft’s] intentions are easy to work out: (i) to try and get everyone to head over to the Windows Store; (ii) to levy an additional tax on independent developers; (iii) to strictly control who can do what; (iv) to suppress the competition with standardization and regulation; and (v) to further gradually take over the whole ecosystem – all to provide stable growth of profits. Put another way – to have a totalitarian/police-state platform in which there’s no place for independent developers or freedom of choice for users.” Kaspersky Lab has therefore decided to take action, “We’ve taken the decision to address official bodies in various countries (including the EU and Russia) with a request to oblige Microsoft to cease its violation of anti-competition legislation and to remove the consequences of that violation.” The company wants Microsoft to provide new versions and updates of Windows to independent developers in good time so they can maintain compatibility of their software to Windows. It also wants to force Microsoft to explicitly inform the user of the presence of incompatible software before upgrading Windows and to recommend the user to install a compatible version of the software after the upgrade and to always explicitly ask the user for his/her approval to enable Windows Defender. 
Also other antivirus vendors are unhappy according to Kaspersky, “Despite Microsoft slowly killing off the independent security industry, so far, we’re the only ones who have bitten the bullet and decided to say something about this publicly.” Kaspersky also warns that not only security companies should be worried about Microsoft’s business tactics, also other software developers on the Windows platform are in danger. Therefore Kaspersky calls for all independent software developers to “form an united front and all fight together”. Article source
  13. If you refuse to pay up, the malware vanishes from your PC -- but leaves everything fully encrypted. Kaspersky has released a decryption tool for the Polyglot ransomware to assist victims in recovering their files without giving in and paying a fee. On Monday, the cybersecurity firm launched the free tool (.ZIP), which is suitable for the Polyglot Trojan which is also known as MarsJoke, a strain which has been linked to attacks on government targets. Ransomware is a particularly nasty kind of malware which has hit the headlines over the past year after targeting victims including businesses, hospitals and universities. What makes the malware strain particularly devastating -- for organizations and the general public alike -- is its ability to take away access to files and content stored on a compromised machine. Once ransomware such as MarsJoke, Cerber or CTB-Locker is downloaded and executed -- often finding its way onto a PC through phishing emails or malicious links -- the ransomware encrypts files and in some cases, full hard drives. Once the victim can no longer access their machine, a holding page informs them that they must pay a "fee" in return for a decryption key which will release their content back to them. Polyglot infects PCs through spam emails which have malicious RAR archives attached. When infecting a machine, this family of ransomware blocks access to files and then replaces the victim's desktop wallpaper with the ransom demand, which is made in virtual currency Bitcoin. Many types of ransomware will simply sit on the machine for the payment to be made. However, Polyglot insists on a payment deadline and if the blackmail fails and no money is sent to the operators, the malware will delete itself -- leaving behind a machine with encrypted files and no way to retrieve them. Until now, at least. Kaspersky's tool will decrypt these machines and unlock user data. 
According to the security firm, although Polyglot looks similar to the severe CTB-Locker ransomware, the malware uses a weak encryption key generator. On a standard home PC, it takes less than a minute to brute-force the full set of possible Polyglot decryption keys -- which gives you an idea of actually how weak the malware is. This weakness also provided a path for Kaspersky to exploit to create the decryption tool. Anton Ivanov, senior malware analyst at Kaspersky Lab commented: If you are suffering from a different type of ransomware, it is worth checking out the No More Ransom project to see which decryption tools are available to you. The project is a joint initiative between Kaspersky Lab, the National High Tech Crime Unit of the Netherlands' police, Europol's European Cybercrime Centre and Intel Security, designed to help users recover their data without giving into the cybercriminals and paying up. Article source
  14. UK Banking Chief Raises Concerns Over Security Of Biometric Authentication

     Kaspersky Lab research finds 12 skimmers for sale that steal fingerprints, could pose threats to ATM banking

     Biometric data is increasingly playing a strategic role in end-user authentication, and banking regulators in the UK are concerned just how secure it might be in light of a recent report by Kaspersky Lab. In an investigation into underground cybercrime, Kaspersky found at least 12 sellers offering ATM skimmers capable of stealing fingerprints. Furthermore, Kaspersky identified three underground sellers researching devices that could obtain data from palm vein and iris recognition systems. The report drew the attention of the UK's Treasury Select Committee, which oversees treasury, revenue and customs, and the Bank of England. The committee's chief, Andrew Tyrie, is asking banking regulators to look into consequences surrounding stolen biometric data. In a letter to industry and government, he said, "Banks and regulators will need to plan for what they will do if biometric details are lost and/or illegally obtained by third parties." He asked regulators if they shared his concerns, and he went on to say plans would need to be developed to deal with customers who may be victims of biometric hacks. The main concern with biometric identifiers is that they cannot be revoked and replaced by a new identifier like in the case of a stolen password. The concern is real in the US where 5.6 million fingerprint records were stolen during the breach of the United States Office of Personnel Management in the summer of 2015. US agencies created a working group to see how cyber attackers could use fingerprint data. This group includes the FBI, Department of Homeland Security, Department of Defense, and other members of the intelligence community. 
"The problem with biometrics is that unlike passwords or pin codes, which can be easily modified in the event of compromise, it is impossible to change your fingerprint or iris image," Olga Kochetova, security expert at Kaspersky Lab, said in a release surrounding the Kaspersky investigation. "Thus, if your data is compromised once, it won't be safe to use that authentication method again. That is why it is extremely important to keep such data secure and transmit it in a secure way." Kaspersky Lab also reported discussions in underground communities regarding development of mobile applications that rely on placing masks over a human face. With such an app, attackers can take a person's photo posted on social media and use it to fool a facial recognition system, the report said. Source
  15. Hack a rival? We're not cool with that, says Russian AV titan Kaspersky Lab is the first big vendor to publicly rip up its contract with disgraced security reseller Quadsys in the wake of the hacking scandal that the company’s bosses recently admitted to. On 22 July, Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant Jon Townsend pleaded guilty to securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse Act 1990. The five were charged in summer 2015 with hacking into a rival’s database to plunder customer information and pricing details. Sentencing is set for 9 September but ahead of that, Kaspersky Lab has distanced itself from Quadsys, which was accredited as a Kaspersky Gold partner, the vendor’s top tier certification. “One of the company’s key assets is its credibility in the eyes of its clients,” a spokeswoman at the Russian-headquartered antivirus business told us after we’d sent a bunch of questions to CEO Eugene Kaspersky. “We are committed to business ethics and adhere to the highest standards of transparency in all areas of our business and as such, we have terminated our business relationship with Quadsys,” she added. El Reg asked Kaspersky when it ripped up the contract but the company was unable to immediately confirm this. Sophos, another company that awarded Quadsys a high-level certification, was less than forthcoming about its relationship with the reseller when we asked if it wanted to continue recommending customers buy from an organisation run by directors who hacked a rival. The company told us “Sophos isn’t able to comment on this at this time”. Sophos had actually promoted Quadsys to its platinum certification on 1 August, just nine days after the Quadsys Five pleaded guilty at Oxford Crown Court, according to Quadsys' own Twitter feed. 
Similarly, we put questions to Intel Security but have yet to hear back from head of PR for EMEA, Michelle Spencer. We were unable to find Quadsys on Intel Security’s official ‘find a partner’ web tool which lists suppliers to buy from. We are awaiting comment from Quadsys. Article source
  16. Good day nsaners, I'm looking for a dark theme for Kaspersky Total Security (latest version) v17.0.0.611. If anyone knows of one, it would be much appreciated. Thanks
  17. Kaspersky fixes three DoS flaws, one information leak bug Russian security vendor Kaspersky Lab has recently patched four vulnerabilities in its flagship product, the Kaspersky Internet Security Suite, which allowed attackers to crash the antivirus and disclose information from the computer's memory. The Cisco Talos team has identified these four issues (CVE-2016-4304, CVE-2016-4305, CVE-2016-4306, and CVE-2016-4307) affecting the product's KLIF, KLDISK and KL1 drivers, used to interact with underlying Windows APIs. One bug is an information disclosure vulnerability, and the other three are DoS (Denial of Service) issues that crash the application. DoS bugs are considered annoying at best and are low-priority security issues in most software applications, but this doesn't apply to antivirus engines (or "security systems," since nobody calls them antiviruses anymore). "Although these vulnerabilities are not particularly severe, administrators should be aware that security systems can be used by threat actors as part of an attack, and keep such systems fully patched," the Cisco Talos team notes in their advisory. DoS bugs can have serious consequences in AV products An attacker who can run code on a machine with the Kaspersky antivirus installed could feed the antivirus malicious code that could crash the security product, which would allow them to run further malicious code without the antivirus blocking their actions. The information leak bug could also be used to leak data from the memory and gain details about where certain processes are executing, data needed to plan further attacks and craft targeted exploits. Kaspersky has addressed all issues with updates to its Internet Security Suite. Earlier this month, at the Black Hat USA 2016 security conference in Las Vegas, Kaspersky announced it was starting a bug bounty program that would reward security researchers for finding and privately disclosing security bugs in its software. 
Kaspersky's decision was overshadowed by Apple's similar announcement, the Cupertino tech giant announcing a bug bounty program of its own. Article source
  18. There are many different ways to get a strong password – there are online password generators (like the Norton password generator), there are offline password generator tools (like our PassGen tool), some of the web browsers like Google Chrome come with an automatic password suggestion feature and then there are smartphone apps that can generate passwords for you. On top of all these, you can also manually make your own password by following a set of rules (for example, use a password of at least 8-12 characters long, use mixed case letters, numerals and special characters, do not repeat characters and do not use the dictionary words). But how would you know if the password that you have created is really strong enough to withstand the brute-force attacks by the powerful modern processors? While you are patting your back at successfully making up a password that you think is very strong, the password could be easily brute-forced even by the cheapest notebook computers. An easy way to get an idea of the strength of your password is by using the Kaspersky Secure Password Check web app. On this web app, all you have to do is enter your password and it will tell you of the password security and if it suffers from some known problems (like dictionary words or repeated letters). However, Kaspersky Secure Password Check web page warns you not to enter your actual password as the service exists only for educational purposes (to learn how to get the securest and strongest passwords). On the top it displays how much time an average home computer will take to crack your password. At the bottom, it displays a colorful bar chart about how much time it will take for various systems to brute-force your password. It shows the time duration that would be taken by a now-discontinued 1980’s computer, by a Macbook Pro, by the Conficker botnet and by Tianhe 2, the most powerful supercomputer in the world. 
You can use Secure Password Check tool to understand the basics of password security like how many characters you should use, the character set you should use, whether repeated or common known passwords reduce password security, whether dictionary words make the password weaker and so on. Visit the Kaspersky Secure Password Check. Article source
  19. Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees. They said the secret campaign targeted Microsoft Corp (MSFT.O), AVG Technologies NV (AVG.N), Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers' PCs. Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees. Both sources requested anonymity and said they were among a small group of people who knew about the operation. Kaspersky Lab strongly denied that it had tricked competitors into categorizing clean files as malicious, so-called false positives. "Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing," Kaspersky said in a statement to Reuters. "Such actions are unethical, dishonest and their legality is at least questionable." Executives at Microsoft, AVG and Avast previously told Reuters that unknown parties had tried to induce false positives in recent years. When contacted this week, they had no comment on the allegation that Kaspersky Lab had targeted them. The Russian company is one of the most popular antivirus software makers, boasting 400 million users and 270,000 corporate clients. Kaspersky has won wide respect in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm that sabotaged Iran's nuclear program in 2009 and 2010. 
The two former Kaspersky Lab employees said the desire to build market share also factored into Kaspersky's selection of competitors to sabotage. "It was decided to provide some problems" for rivals, said one ex-employee. "It is not only damaging for a competing company but also damaging for users' computers." The former Kaspersky employees said company researchers were assigned to work for weeks or months at a time on the sabotage projects. Their chief task was to reverse-engineer competitors' virus detection software to figure out how to fool them into flagging good files as malicious, the former employees said. The opportunity for such trickery has increased over the past decade and a half as the soaring number of harmful computer programs have prompted security companies to share more information with each other, industry experts said. They licensed each other's virus-detection engines, swapped samples of malware, and sent suspicious files to third-party aggregators such as Google Inc's (GOOGL.O) VirusTotal. By sharing all this data, security companies could more quickly identify new viruses and other malicious content. But the collaboration also allowed companies to borrow heavily from each other's work instead of finding bad files on their own. Kaspersky Lab in 2010 complained openly about copycats, calling for greater respect for intellectual property as data-sharing became more prevalent. In an effort to prove that other companies were ripping off its work, Kaspersky said it ran an experiment: It created 10 harmless files and told VirusTotal that it regarded them as malicious. VirusTotal aggregates information on suspicious files and shares them with security companies. Within a week and a half, all 10 files were declared dangerous by as many as 14 security companies that had blindly followed Kaspersky's lead, according to a media presentation given by senior Kaspersky analyst Magnus Kalkuhl in Moscow in January 2010. 
When Kaspersky's complaints did not lead to significant change, the former employees said, it stepped up the sabotage. INJECTING BAD CODE In one technique, Kaspersky's engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected, the ex-employees said. They would send the doctored file anonymously to VirusTotal. Then, when competitors ran this doctored file through their virus detection engines, the file would be flagged as potentially malicious. If the doctored file looked close enough to the original, Kaspersky could fool rival companies into thinking the clean file was problematic as well. VirusTotal had no immediate comment. In its response to written questions from Reuters, Kaspersky denied using this technique. It said it too had been a victim of such an attack in November 2012, when an "unknown third party" manipulated Kaspersky into misclassifying files from Tencent (0700.HK), Mail.ru (MAILRq.L) and the Steam gaming platform as malicious. The extent of the damage from such attacks is hard to assess because antivirus software can throw off false positives for a variety of reasons, and many incidents get caught after a small number of customers are affected, security executives said. The former Kaspersky employees said Microsoft was one of the rivals that were targeted because many smaller security companies followed the Redmond, Washington-based company's lead in detecting malicious files. They declined to give a detailed account of any specific attack. Microsoft's antimalware research director, Dennis Batchelder, told Reuters in April that he recalled a time in March 2013 when many customers called to complain that a printer code had been deemed dangerous by its antivirus program and placed in "quarantine." Batchelder said it took him roughly six hours to figure out that the printer code looked a lot like another piece of code that Microsoft had previously ruled malicious. 
Someone had taken a legitimate file and jammed a wad of bad code into it, he said. Because the normal printer code looked so much like the altered code, the antivirus program quarantined that as well. Over the next few months, Batchelder's team found hundreds, and eventually thousands, of good files that had been altered to look bad. Batchelder told his staff not to try to identify the culprit. "It doesn't really matter who it was," he said. "All of us in the industry had a vulnerability, in that our systems were based on trust. We wanted to get that fixed." In a subsequent interview on Wednesday, Batchelder declined to comment on any role Kaspersky may have played in the 2013 printer code problems or any other attacks. Reuters has no evidence linking Kaspersky to the printer code attack. As word spread in the security industry about the induced false positives found by Microsoft, other companies said they tried to figure out what went wrong in their own systems and what to do differently, but no one identified those responsible. At Avast, a largely free antivirus software maker with the biggest market share in many European and South American countries, employees found a large range of doctored network drivers, duplicated for different language versions. Avast Chief Operating Officer Ondrej Vlcek told Reuters in April that he suspected the offenders were well-equipped malware writers and "wanted to have some fun" at the industry's expense. He did not respond to a request on Thursday for comment on the allegation that Kaspersky had induced false positives. WAVES OF ATTACKS The former employees said Kaspersky Lab manipulated false positives off and on for more than 10 years, with the peak period between 2009 and 2013. It is not clear if the attacks have ended, though security executives say false positives are much less of a problem today. 
That is in part because security companies have grown less likely to accept a competitor's determinations as gospel and are spending more to weed out false positives. AVG's former chief technology officer, Yuval Ben-Itzhak, said the company suffered from troves of bad samples that stopped after it set up special filters to screen for them and improved its detection engine. "There were several waves of these samples, usually four times per year. This crippled-sample generation lasted for about four years. The last wave was received at the beginning of the year 2013," he told Reuters in April. AVG's chief strategy officer, Todd Simpson, declined to comment on Wednesday. Kaspersky said it had also improved its algorithms to defend against false virus samples. It added that it believed no antivirus company conducted the attacks "as it would have a very bad effect on the whole industry." "Although the security market is very competitive, trusted threat-data exchange is definitely part of the overall security of the entire IT ecosystem, and this exchange must not be compromised or corrupted," Kaspersky said. Article source
  20. Four-year build results in OS that aims to secure industrial control systems, we think Kaspersky Labs has finished building its eponymously-named operating system after four years of quiet development. Little information about the OS has made it onto the English-speaking side of the internet. Kaspersky Labs Russia told Vulture South to wait a few weeks for the English press release for information. What we do know is that in 2012 ebullient Kaspersky Lab chief executive officer Eugene Kaspersky described the OS as a ground-up build to help protect industrial control systems. A more detailed paper published at the time revealed it would be designed to help protect infrastructure like power stations, electricity grids, and telecommunications networks. The paper described the need to protect industrial control systems with a ground-up built operating system and outlined the following design criteria: The operating system cannot be based on existing computer code; therefore, it must be written from scratch. To achieve a guarantee of security it must contain no mistakes or vulnerabilities whatsoever in the kernel, which controls the rest of the modules of the system. As a result, the core must be 100 percent verified as not permitting vulnerabilities or dual-purpose code. For the same reason, the kernel needs to contain a very bare minimum of code, and that means that the maximum possible quantity of code, including drivers, needs to be controlled by the core and be executed with low-level access rights. In such an environment there needs to be a powerful and reliable system of protection that supports different models of security. Cobbled-together translations (Russian speakers may enjoy more detailed reading on Vedomosti.ru) paint a picture of a hardened operating system that allows users to control the level of process execution in industrial control systems, hospital equipment, and internet-of-things things. 
It appears the operating system has been deployed in routers manufactured by Russian outfit Kraftway, a company that seems to sell into various industrial control system markets, and verticals including government, healthcare, and education. It has been compared to Cisco's IOS and Huawei's VRP operating systems. Russian coverage of KasperskyOS indicates a batch of 1000 of the new Kraftway routers has been produced costing up to US$3082 (£2342, A$4035) a unit. Article source
  21. Security vendor that detected and analyzed Equation Group malware says The Shadow Brokers leak is authentic The Shadow Brokers are selling legitimate Equation Group malware Kaspersky confirmed today that the malware samples leaked on GitHub over the weekend by The Shadow Brokers are the real deal and present similarities with the malware samples they analyzed from the Equation Group back in February 2015. The devil is in the details, they say, and for this particular case, Kaspersky Lab's Global Research & Analysis Team (GReAT) says the principal factor that led them to this conclusion was the presence of RC5 and RC6 encryption algorithms inside the malware dumped by The Shadow Brokers. Kaspersky notes that during the past years, only the Equation Group has used these two algorithms inside their malware. Clues: RC5, RC6, and coding patterns During their initial analysis of the Equation Group malware, Kaspersky said it found 20 different malware samples where the crooks used RC5 and RC6 code. They found 347 different malware samples in The Shadow Brokers data dump. Furthermore, the security vendor's team also discovered coding patterns in the dumped malware unique to the way the Equation Group wrote its hacking tools, and unique to it alone. The technical explanation is as follows: The company's GReAT team says "with a high degree of confidence" that the malware samples dumped online by The Shadow Brokers are related to the malware used by the Equation group. The Shadow Brokers are currently running an open auction for the rest of the Equation Group malware. The group dumped 347 malware samples as a free preview and is also taunting another set of hacking tools which it will release to the person that wins the auction. You can find more details about the auction and the way it's being handled in our original report. Similar coding patterns between the two sets of malware Article source
  22. Kaspersky Labs has released Kaspersky Anti-Virus 2017, Kaspersky Internet Security 2017 and Kaspersky Total Security 2017 in the US and Canada. New features include Secure Connection, a virtual private network which automatically kicks in to protect you when using wifi hotspots, web banking sites and more. An Installation Assistance tool looks out for adware and other pests that get silently installed with some free software, and the Software Cleaner helps you decide what to remove. An extended Anti-Banner system now uses a "powerful subscription catalog held by a third-party", making it significantly better at blocking popups, web ads and more. The suites now include Kaspersky’s Software Updater. This checks for updates to common applications (Adobe Reader, Flash, Java, Chrome, Firefox, more), and can optionally install them without you having to see or do anything at all. Kaspersky has "enriched the design and usability of the main screens for all the new line products", apparently. The product is now fully compatible with Windows 10, but Kaspersky hasn’t forgotten about older systems -- 2017 still works with Windows XP. Trials of Kaspersky Anti-Virus 2017, Kaspersky Internet Security 2017 and Kaspersky Total Security 2017 are available now. Article source New ways to ensure your privacy and security with Kaspersky Lab new product line Here is some good news for you. We’ve just launched the new versions of Kaspersky Internet Security and Kaspersky Total Security for Windows! The new product line has become more powerful and enhanced to ensure your privacy and security. So, what’s new? First of all, we have enriched the design and usability of the main screens for all the new line products. It’s not a major change but we had to mention. Now, that we have that out of the way, let’s switch to more serious matters. You probably know that all of your software should be as “fresh” as the meat and vegetables you serve for dinner. 
Outdated software contains bugs and vulnerabilities, which hackers often use to infect devices with malware. However, many users don’t pay enough attention to managing their software updates or simply have no time for that. Users who install Kaspersky Internet Security 2017 and Kaspersky Total Security 2017 can now have this managed by our software. The new Software Update module monitors your system for updates that need to be installed. When the module determines that your software requires security patches, it downloads all necessary files from the vendors’ websites and installs them with no interaction with the user needed. The exception to this is if additional confirmations are required. The Software Update module was designed to maximize your convenience: it works in silent mode and provides minimum impact on device performance. If you want, you can disable this feature or use it in manual mode. It’s also possible to create a customized list of software that you don’t want to update — for example, if you prefer an older version for some reason. Let’s talk about another new feature. There’s no need to remind you that public Wi-Fi can be dangerous: sometimes criminals set up fake free Wi-Fi to steal users’ personal data and money. However it’s hardly possible to stop using public networks completely — many people need Internet while travelling. That’s why we’ve developed the Secure Connection feature. It provides secure and encrypted communication channels for users connected to untrusted networks (like public Wi-Fi). In other words, the Secure Connection module guarantees that all data which is sent and received is encrypted and secured from prying eyes. Depending on active settings, this module can be automatically enabled when the user: connects to public Wi-Fi networks; accesses banking, payment systems or shopping sites or other e-commerce websites; uses Internet communication resources like webmail, social networks, etc. What’s improved? 
We’ve also improved a number of features. We hope you’ll find these changes useful. The Change Control module has now been upgraded and is now called Application Manager. It is in charge of two main features: Installation Assistance and Software Cleaner. Installation Assistance can be used to detect and manage hidden programs that are installed together with free software from the web, like adware, extensions and toolbars. Software Cleaner helps users decide what software they should remove for safety and usability reasons. The recommendations are based on its behavior (for example, hidden installation without users’ consent). All together, these two features let you say goodbye to adware, unwanted toolbars, browser extensions and other intrusive programs. Do you remember our Anti-Banner? This feature can be used to block website ads and pop-up banners, so you can focus on the content you’re interested in, and spend less time and traffic opening web pages. The Anti-Banner engine has been significantly revamped and improved with the help of a powerful subscription catalog held by a third-party. By default Anti-Banner is disabled, but you can enable it in the Settings menu > Protection. Besides, our new Kaspersky Internet Security 2017 and Kaspersky Total Security 2017 are compatible with Windows 10. We are always thinking of new ways to protect our users, so stay tuned for future updates. If you are still exploring the web unprotected, give a try to security — install Kaspersky Internet Security and test how these new features work. The first 30 days are free!
  23. The 1970s called and wants its attitudes back Kaspersky has apologized for displaying a sexist pop-up advert in its security software. It's not sorry about showing adverts on people's PCs, however. The Russian giant's desktop software suite flings adverts, er, news items about Kaspersky products at users who have already paid for its applications. On Friday, one of these fine articles appeared on PCs, with a cartoon that many have found offensive. Kasp's dodgy ad ... About as subtle as a house brick "What to be the man," the cyber-poster asks, depicting a line of women lining up next to a bloke working on a computer. "Want to show the ladies your smarts? Bring them to the cybersecurity world and get rewarded." The image was spread across social media on waves of outrage. Don't worry about chipping your nails, girls, get a guy to fix your PC for you, and make sure you make it worth his while, the banner is essentially saying, nudging and winking away like a reanimated Sid James. It's a shame to see this one slip through quality control. After all, the security company began life with Natalia Kaspersky, the former wife of chief scientist Eugene Kaspersky, as CEO, and she built the company up from nothing to become one of the most prominent antivirus outfits on the planet. Ms Kaspersky, who has since left the company, is a multimillionaire and has twice been declared the number-one IT executive in her home country by the Association of Russian Managers. To its credit, the antivirus biz has recognized that it made a mistake and issued an apology. "Earlier today an inappropriate image appeared in our product. It has been removed and we deeply regret this mistake and sincerely apologize for the offence we caused with this image," a statement reads. Incidentally, if you want to turn off the ads built into the antivirus suite, go to Settings > Additional > Notifications > Turn off the option about Kaspersky news. Article source
  24. Research team says it’s hard to find out who’s behind attack, and kiss privacy good-bye Elliot from USA Network's Mr. Robot, definitely not Cato Networks founder Shlomo Kramer. Malware researchers for Kaspersky Lab took to Reddit’s IAmA chat today and pronounced an affection for the hacker-hero TV show “Mr. Robot” but not NSA hacker Edward Snowden. Responding to a question about how they like it, the team’s global director Costin Raiu says, “Mr Robot is a strong 9.5 for me. Most of the scenes are top class and the usage of tools, operating systems and other tiny details, from social engineering to opsec is very good. I guess having help from some real world security experts (the folks at Avast did a great job!)” “Particularly enjoyed seeing their depiction of how quickly a phone can get backdoored with the right preparation,” which in one episode was less than the time it took someone to take a shower, says another team member, Juan Andres Guerrero-Saade. Not so popular, “CSI: Cyber”. Asked if he watches, researcher Brian Bartholomew says, “Yes and it’s terrible. But I do enjoy laughing out loud at it.” Meanwhile the 46-member Global Research & Analysis Team (GReAT) says it has no affiliation with the NSA hacker. “We have no connection whatsoever with Edward Snowden,” says Raiu. A questioner asked whether the team used information from the Snowden leaks to uncover the long-lived advanced-persistent-threat gang Equation Group. “We didn’t use any of the information from the Snowden leaks to discover the Equation Group,” he says. “We discovered the first Equation sample while analyzing a multiple infection on a computer we call “The Magnet of Threats”. This computer has been infected by many other APTs, including Regin, Turla, Careto, Animal Farm, in addition to Equation.” The research team said attributing attacks such as Stuxnet and the theft of Democratic National Committee emails is very difficult. 
“There is really little that can’t be faked or manipulated and this is why the industry has such heated debates sometimes over attribution,” say Bartholomew and Guerrero-Saade. They say languages used in code, times it was compiled, the target, possible motivations and IP addresses are the type of information weighed when trying to assign responsibility. “In the case of the DNC attacks for example, many experts agree that the malware used in the attacks as well as some of the infrastructure used, only belong to two ‘groups’,” they say. When it comes to nation-state actors, often the major economic powers are accused of engaging in cyberattacks, the researchers say. “That does not mean that developing countries don’t participate in such operations, however many times they use external resources as it is cheaper than developing major ‘cyber-capabilities,’” says researcher Vicente Diaz. “That, among other things, makes attribution more difficult (is not the same as developing an advanced and unique weapon rather than using a common one).” When governments got involved in cyberattacks, the world of security research got much more complicated, Raiu says. “Then almost overnight, nation state sponsored attacks appeared,” he says. “I guess the first big one was Aurora, which hit Google, Yahoo and others [in 2009]. Ever since, my job has been getting more and more complex, from all points of view.” For example, basic questions like which attacks to investigate are tricky. “In my opinion, we are living in a world where our work has an impact, and ethics should be properly set,” says Diaz. “I like to think of ourselves like doctors or scientists, working based only on technical stuff and not letting other factors to decide for ourselves. And that’s not always easy.” What do these cyberattack experts use to protect their own gear? It’s very personal. 
“To be honest, each person on the team has their own security quirks,” Diaz says, “ranging from things as simple to tape over the webcam to sniffing everything on your own home network.” And his advice is for individuals to gauge how likely they are to be a target and how much time and effort someone might reasonably be expected to exert attacking them. “What I mean is: what sort of attackers and attacker resources can you reasonably expect to be spent on you?” he says. “Would I advise to my grandmother to have an out-of-band network tap? No. But if you’re handling sensitive IP, scientific research, gov secrets, etc., it may not be the most outlandish thing.” Watch out for mobile malware, says Raiu. “Our analysis of high end APTs such as Equation seems to suggest many threat actors have developed mobile implants, which means that sooner or later, they will be found - just like we found the HackingTeam mobile implants for instance,” he says. “Running a security solution on your Android device will definitively help not just with protection against known threats but hopefully catching some new ones.” And you can kiss privacy good-bye. “It’s important to limit what we post and understand what information we are leaking out … but privacy is a relative term and at a time when every system appears to be designed to divine where you’re going, what you’re doing, what you like, and who with, (and deriving a lot of that information from those you associate with, not just you) it’s unreasonable to consider anything like absolute privacy is possible.” Article source