Kaspersky
Latest
Chinese government drops foreign security software (update: with limits)
China's government isn't just giving the boot to foreign operating systems; it's doing the same for security software, too. A national procurement agency has dropped Kaspersky and Symantec from its antivirus supplier list, leaving only Chinese companies as options. It's not clear that the move is directly linked to the country's concerns about foreign software being used for espionage. Kaspersky tells Reuters that it's in "conversations with authorities" about the move, but there isn't an official statement on the subject just yet. It wouldn't be shocking if there was a connection, however, since security tools are at the very heart of China's fears. The real surprise is the nature of the targets -- while many would expect China to distrust an American outfit like Symantec, it may be treating a Russian developer (Kaspersky) with a similar level of suspicion. Update: Symantec says the list only applies to "certain types of procurement," and that it's not an out-and-out ban. Still, the company is looking into the report -- and any significant contract losses still represent significant problems.
The real-life hacking behind Watch Dogs' virtual world
It starts out simply. One day, you're scrolling through the Naval Criminal Investigative Service database, identifying a perp's body when an alert flashes red on your monitor. "INTRUSION DETECTED," it screams. You're getting hacked and there's only one solution: Call your bumbling partner over and have him join you at the keyboard. The two of you frantically bang out rapid-fire key sequences as random program windows flash onscreen. The hacker's getting further and further into the system. Your partner's never seen code like this before and his usual tricks to combat it aren't working. That's when the display goes dead and your silver fox of a boss saves the day by pulling the power plug of your workstation.
This is Earth's malware threat, visualized
Ah, nothing like good old fashioned scare tactics to get you to install anti-virus software. In a thinly veiled advert for its security suite, Kaspersky Labs has created a real-time cyber threat map -- painting the globe with six shades of malware. The brightly colored map lists Russia as the world's most infected country, followed closely by the United States, India and Vietnam. It's a mesmerizing visualization, but take it with a grain of salt: the data it presents is pulled exclusively from Kaspersky's own security network, which might explain why the Russian security outfit's home turf is the "most infected." More users in the motherland probably translates to more virus' detected. That said, if you're looking for a colorful view the world's malware, you won't be disappointed. Check it out at the source link below.
Vertu's new Constellation is its second Android phone, and you still can't afford it
With the Ti liberating Vertu from the Symbian shackles, it was only a matter of time before the luxury phone maker released its second Android device. The Constellation, as it's called (instead of "Constellation V" as listed by the FCC), takes a small but bold step away from Vertu's usual design language, as it lacks the iconic ceramic pillow on the earpiece. What it gains instead is the largest piece of tough sapphire glass that Vertu -- or any phone maker for that matter -- has ever crafted, as well as a layer of soft but durable calf leather wrapping around the Grade 5 titanium body. It'll also come in five colors: dark brown, orange (our favorite so far), black, light brown and cherry. Vertu's CEO Massimiliano Pogliani told us that this "less is more" approach is to have a more neutral, less showy offer that he believes will appeal to a larger audience. "It tested extremely well [in study groups] in China and Russia," said the exec. "In terms of design and appearance, it is being luxury but not too bling, too wild, too pushy, so I'm very happy and very confident."
Engadget Giveaway: win one of five backpacks containing a Sony VAIO Fit 15, courtesy of Kaspersky Lab!
As we gently tumble from summer to fall we know you'll invariably start to ponder just what exactly you're going to need to kit yourself out for the school year. While we can't help you with your textbooks, Kaspersky Lab has generously offered up five CaseLogic backpacks loaded with stuff to get you started. The highlight is the Sony Vaio Fit 15 but you'll also find a Microsoft Sculpt Touch Mouse, a $25 Amazon gift card and an activation code for Kaspersky's flagship Internet Security 2014 packed along for the ride. Sound good? All you need to do to get involved is drop down to the widget below and get yourself signed up for the contest. Winners: Congratulations to our five winners: Milton C., Peoria, IL; Asif H., PIttsford, NY; Maya M., Hinesville, GA; Sarah B., Buzzards Bay, MA; and Shannon C., Korbel, CA!
Hacking ring infiltrates Trion, Nexon, and Neowiz game servers
A China-based hacking ring has infiltrated servers belonging to "dozens of online video gaming companies and stolen valuable source code over a four-year period," according to The Sydney Morning Herald. The newspaper's website says that Neowiz, Mgame, Nexon, and Trion are among the companies affected. Moscow-based security firm Kaspersky Lab is conducting an ongoing investigation into the hacking ring's activities, but has not been given full access to infected servers. Some game companies reported the presence of malicious software which suggests that the hackers manipulated virtual currencies, according to the Herald. The group, named Winnti by Kaspersky, began its current campaign in 2009 and is still active today. The Herald reports that Neowiz "did not respond to requests for comment, while Trion and Nexon declined to comment. Mgame said it had no immediate comment."
Sony K-12 initiative puts the Xperia Tablet S into schools
The selection of tablets in education has been narrow, especially for teachers that want support after the hardware is on their doorstep. Sony figures that it can widen the field through its K-12 Education Initiative. The effort gives schools a discount on the Xperia Tablet S, but that's just the start: they have access to Education Ambassador, an online resource for incorporating Android tablets into the classroom, as well as 50GB of free Box storage and a year's worth of Kaspersky security services. Sony is already taking orders for schools waiting to hop onboard; if they're willing to try a company that's relatively untested in education, they may get a better deal than they expect.
Russian technology firms agree to avoid poaching each other, keep salaries in check
American companies that reach no-poaching agreements do so behind closed doors, as it's considered illegal and anti-competitive. No such reservations appear to exist in Russia, as several of the country's top technology giants have openly admitted to reaching an unprecedented verbal deal: Acronis, Epam, Kaspersky Labs, Parallels and Yandex have all promised not to actively recruit each other's staff. They contend to CNews that it's a way to prevent salaries from getting out of control as staff are lured away, and that fear isn't entirely without justification -- there's a well-known salary war between Facebook and Google in Silicon Valley, for example, that makes it tough for smaller companies to attract the same talent. Whether or not the pact stands may be another matter. There's no history of Russian court action versus anti-poaching deals, but concern exists that the truce may not be strictly above-board. [Image credit: Jennifer Boyer, Flickr]
Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare
Kaspersky Labs' namesake Eugene Kaspersky is worried that widely distributed and potentially state-sponsored malware like Flame and Stuxnet pose dire threats to often lightly protected infrastructure like communication and power plants -- whatever your nationality, it's clearly bad for the civilian population of a given country to suffer even collateral damage from cyberattacks. To minimize future chaos and literally keep the trains running, Kaspersky and his company are expanding their ambitions beyond mere antivirus software to build their own, extra-secure operating system just for large-scale industry. The platform depends on a custom, minimalist core that refuses to run any software that isn't baked in and has no code outside of its main purposes: there'll be no water supply shutdowns after the night watch plays Solitaire from an infected drive. Any information shared from one of these systems should be completely trustworthy, Kaspersky says. He doesn't have details as to when the OS will reach behind-the-scenes hardware, but he stresses that this is definitely not an open-source project: some parts of the OS will always remain confidential to keep ne'er-do-well terrorists (and governments) from undermining the technology we often take for granted.
Security researchers dissect Flame's handling program, find three new viruses 'at large'
It seems Stuxnet and Flame aren't the only out-of-control cyber-weapons roaming around the Middle East. Security researchers from Symantec and Kaspersky have found that the Flame malware had the electronic equivalent of a "handler," a program called NEWSFORYOU, which is also in charge of three further viruses that are code-named SP, SPE and IP. The trio have yet to be analyzed, because although a cache of data has been discovered on a command-and-control server, decoding it has proved "virtually impossible." While both security companies have declined to point a finger as to the viruses' origin, Reuters' sources suggest they're from the United States, while The Washington Post has been told that the project was a joint-enterprise with Israel -- in keeping with the existing narrative that this is the pair behind Stuxnet.
Spam-happy iOS trojan slips into App Store, gets pulled in rapid fashion
You could call it technological baptism of sorts... just not the kind Apple would want. A Russian scam app known as Find and Call managed to hit the App Store and create havoc for those who dared a download, making it the first non-experimental malware to hit iOS without first needing a jailbreak. As Kaspersky found out, it wasn't just scamware, but a trojan: the title would swipe the contacts after asking permission, send them to a remote server behind the scenes and text spam the daylights out of any phone number in that list. Thankfully, Apple has already yanked the app quickly and explained to The Loop that the app was pulled for violating App Store policies. We'd still like to know just why the app got there in the first place, but we'd also caution against delighting in any schadenfreude if you're of the Android persuasion. The app snuck through to Google Play as well, and Kaspersky is keen to remind us that Android trojans are "nothing new;" the real solution to malware is to watch out for fishy-looking apps, no matter what platform you're using. [Image credit: C Jones Photography (wallpaper)]
Flame malware extinguishes itself, Microsoft protects against future burns
The folks behind that nasty Flame trojan that burned its way through the Middle East aren't the kind to brag -- the malware's manufacturers apparently started dousing their own fire last week. According to Symantec reports, several compromised machines retrieved a file named browse32.ocx from Flame controlled servers, which promptly removed all traces of the malware from the infected systems. Although the attackers seem spooked, Microsoft isn't taking any chances, and has issued a fix to its Windows Server Update Services to block future attacks. The update hopes to protect networked machines from a similar attack by requiring HTTPS inspection servers to funnel Windows update traffic through an exception rule, bypassing its inspection. The attackers? "They're trying to cover their tracks in any way they can," Victor Thakur, principal security response manager at Symantec told the LA Times, "They know they're being watched." Check out the source link below for the Symantec's run down of the trojan's retreat.
Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time
Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak. No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.
Kapersky "disappointed" he can't sell AV software on iOS
Security wonk Eugene Kaspersky is not happy with Apple, since the company won't let his eponymous antivirus firm develop antivirus software for iOS devices. Speaking to The Register, Kaspersky went so far as to say "That will mean disaster for Apple," since malware targeting the mobile operating system will "inevitably" strike iOS at some point in time. Kaspersky admits that iOS is "by design ... more secure" than other operating systems. His infection vector of choice is to place the malware into the source code of legal software that has to be downloaded from the App Store, as it is "almost impossible to develop malware which does not use vulnerabilities." Kaspersky goes on to say that an infection of this sort will "be the worst-case scenario because there will be no protection. The Apple SDK won't let us do it." That will, in the Russian's opinion, result in a loss of market share for Apple and a huge boost for Android -- an operating system he's happy with since it is less secure and he can develop security software for. He's so sure of the demise of iOS because of malware that he's made bets with friends stating that Android will have an 80% market share by 2015. That's one bet we hope he loses.
Apple doesn't invite Kaspersky Lab to examine Mac security (Updated)
Update: Engadget smelled something funny in this story, and turns out they were right; Kaspersky is now saying that the comment about "working with Apple to analyze OS X" was taken out of context, and that Apple has not invited the security firm to analyze its desktop OS. Full statement is here. The CTO of computer security firm Kaspersky Lab says was quoted as saying that Apple has asked them to take a look at Mac security, and the malware targeting it. Nikolai Grebennikov says that the "Mac OS is really vulnerable," and that the company's "first investigations show Apple doesn't pay enough attention to security." Go figure -- the head of a security firm claiming that people should spend more money and time on security. Who knew? But the recent small outbreaks of malware targeting Macs gives a little more credence to these claims, and if Grebennikov (whose firm has publicly gone after Apple on this before) is to be believed, then Cupertino is finally ready to hear about possible improvements. Grebennikov agrees that there hasn't been any iOS-specific malware spotted yet, but he says we'll probably see it in the next year or so. Hopefully, if Kaspersky is working with Apple, they'll be able to keep the OSes completely secure anyway. [via MacRumors]
Kaspersky exec calls Mac OS 'really vulnerable' (update: clarification from Kaspersky)
The Macintosh is an impenetrable fortress of malware-free computing, right? In recent years, we've certainly seen that image eroded a bit, thanks to a number of nasty outbreaks. And if you listen to Nikolay Grebennikov, the CTO of security software maker Kaspersky, things have the potential to be much worse. The executive told British site Computing that the company was invited to improve Cupertino's security, only to discover that, "Mac OS is really vulnerable." Grebennikov also had some rather unfortunate news for all the iPad and iPhone owners out there, telling the site, "Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS." Update: So, this is turning into a whole "he said, they pubbed" situation. We reached out to Kaspersky earlier and just received a comment from the security company, which claims that the whole thing was simply taken out of context. Here's the statement. It's a doozy. On Monday, April 14, computing.co.uk published an article titled "Apple OS 'really vulnerable' claims Kaspersky Lab CTO" that includes an inaccurate quote regarding Apple and Kaspersky Lab. The article reports that Kaspersky Lab had "begun the process of analyzing the Mac OS platform at Apple's request" to identify vulnerabilities. This statement was taken out of context by the magazine – Apple did not invite or solicit Kaspersky Lab's assistance in analyzing the Mac OS X platform. Kaspersky Lab has contacted computing.co.uk to correct its article. Please refer to the statement below from Nikolay Grebennikov, Chief Technology Officer, Kaspersky Lab, which clarifies this misrepresentation: "As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods. In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware. This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis. Kaspersky Lab is committed to providing the highest level of security for all of our customers, including Mac OS X, and we will continue to enhance our technologies in order to meet the ever-changing threat landscape. "
Apple publishes support page for Flashback malware, is working on a fix
After the Flashback / Flashfake Mac trojan was exposed by Russian site Dr. Web, Apple has finally responded by publishing a support page about the issue and promising a fix. If you haven't heard by now, the malware exploits a flaw in the Java Virtual Machine, which Oracle pushed a fix for back in February, but Apple didn't patch until a botnet consisting of as many as 650,000 Macs was identified on March 4th. Antivirus maker Kaspersky has confirmed the earlier findings, and released a free tool affected users can run to remove the trojan from their computers. Other than the update already delivered for computers running OS 10.6 and 10.7 Apple recommends users on 10.5 and earlier disable Java in their browser preferences. What isn't mentioned however, is when its fix is incoming or any timetable on its efforts with international ISPs to cut off the IP addresses used by the network. This is not the first time Macs have fallen prey to malware and as their market share grows will likely not be the last, so don't think just opting for OS X is automatically keeping you a step ahead security-wise. Check the links below for more information about what the malware does, and how to get rid of it.
Adobe dominates Kaspersky Lab's top ten PC vulnerabilities list
Being number one is usually an honor, but not when it comes to Kaspersky Lab's top ten PC vulnerabilities list. Unfortunately for the software giant, Adobe took top dishonors for Q1 this year, pulling in five total spots on the list, including the top three. According to the security firm, all of the vulnerabilities appearing on the list allowed cyber-criminals to control computers at the system level. The number one spot was occupied by a vulnerability in Adobe Reader that was reportedly detected on 40 percent of machines running the application, while Flash Player flaws took second and third. Other dishonorees included the Java Virtual Machine, coming in at fourth and fifth place, Apple QuickTime, Winamp, and Microsoft Office. That ain't bad, considering Microsoft ruled the vulnerabilities roost in 2010.
Parallels Desktop 5 doesn't play well with Kaspersky Anti-Virus on some Macs
My Christmas miracle was that after waiting a month and a half, my Godzilla iMac 27" 2.8 GHZ Intel Core i7 iMac showed up on my doorstep on Christmas Eve. This was, ironically, two days after receiving a letter from Macmall telling me that my order was on indefinite backorder and asked me to call if I still wanted it. I did. I bought it with Parallels 5.0 and Windows 7 preinstalled, since I'm lazy and the price was very competitive. After adding memory to bring it to 12GB, and plugging in my 23" Apple Cinema Display, giving me 3.7 feet of horizontal screen space, I ran Parallels -- which promptly crashed. I was unceremoniously told that a file named wuawcIt.exe wasn't feeling well and had to close. The sugarplums faded as I realized that this would take most of Christmas day to sort out. It did, and a bit more.
Second Life content creators warn about scam site
Numerous Second Life content creators are warning their clientele that the Web-site virtualget.net (which has been apparently been operating for a couple of months now) is a credit-card harvesting scam. Whether that's correct or not, the site appears to be using the product images and product descriptions and trademarks of numerous Second Life content creators without their permission. The original images and text appear on Linden Lab's Xstreet SL virtual goods shopping Web-site. Numerous DMCA notices are reportedly being filed by content creators at present. We attempted to contact virtualget.net (anonymously registered in Singapore) for comment, but none of their email addresses appeared to be functional -- One email address was restored to function when the majority of the site was taken down a short time ago, but we received no response. Linden Lab, who has an intellectual property stake in the matter, was not available for comment either. Users of Kaspersky protection software found the Web-site marked as a phishing site several hours ago, presumably based on user reports. Update: The operation seems to have disabled access to much of the site in the wake of numerous DMCA notices filed by content-creators. Are you a part of the most widely-known collaborative virtual environment or keeping a close eye on it? Massively's Second Life coverage keeps you in the loop.
