Copyright © 2015
Tag - Kaspersky
Victims of one strain of "ransomware" may be able to get their data back. A collaboration between the Netherlands Police's National High Tech Crime Unit (NHTCU) and security company Kaspersky, a tool has been created that can be used to decrypt data encrypted by the CoinVault malware, potentially saving many users from paying a random or having to rebuild their data if backups failed.
A secretive hacking collective that has been active for almost two decades has allegedly been uncovered by Kaspersky Lab. Dubbed the "Equation Group," because of their use of encryption algorithms and obfuscation methods, the hackers are apparently unique in that they created highly-professional tools and used "classic spying techniques" to retrieve data and affect systems used by high-value targets, such as governments, major national organizations, and other political targets.
Hackers have stolen more than $300 million from financial institutions around the world, according to a report from Kaspersky Lab provided to the New York Times. More than 100 banks in over 30 countries have allegedly been the victims of a malware-based attack, which began in 2013, though it appears the criminals behind it employed more sophisticated techniques than other malware intrusions, such as that of Target.
Look, it's not that Macs are completely free of risk, but we're not running Windows here. One of the advantages of our platform of choice is that it isn't so riddled with viruses, that there aren't so many malicious applications that you need third-party security software just to be able to sleep at night and work in the day. Macs currently face no known virus threats, and almost no malware (apart from a recent scourge of "adware" that attacks both Mac and Windows web browsers, and the ongoing issues with Flash and Java). So what's the point of a OS X "anti-virus" program like Kaspersky Internet Security?
One of China's state-sponsored media channels is indicating that the government has removed all foreign-made software from its list of approved security software purchases. Newspaper The People's Daily posted on Twitter yesterday, indicating that Kaspersky and Symantec are now excluded from the country's government procurement channels.
Russian security firm Kaspersky has uncovered a massive malware attack, referred to as Flame, that is believed to have gathered sensitive data from a wide array of countries, including Israel and Iran. The malware is said to be modular and expandable in a manner reminiscent of a smartphone app library. The BBC reports that the complexity of the malware has led experts to believe that it could only have been developed with the assistance of a government entity.
Security firm Kaskpersky Lab is denying claims that Apple has asked it to research vulnerabilities in OS X, a statement reveals. "On Monday, April 14, computing.co.uk published an article titled 'Apple OS 'really vulnerable' claims Kaspersky Lab CTO' that includes an inaccurate quote regarding Apple and Kaspersky Lab," the company writes. "The article reports that Kaspersky Lab had 'begun the process of analyzing the Mac OS platform at Apple's request' to identify vulnerabilities. This statement was taken out of context by the magazine -- Apple did not invite or solicit Kaspersky Lab's assistance in analyzing the Mac OS X platform. Kaspersky Lab has contacted computing.co.uk to correct its article."
Security firm Kaspersky Lab has released a free software utility for removing the Flashback Trojan, which has infected a number of Macs worldwide. People who think they're affected can visit the company's Flashback check website first, but the tool will conduct its own scan. Kaspersky normally refers to the Trojan under the less common term Flashfake.
Apple recently asked a web registrar, Reggi.ru, to shut down a domain belonging to the Russian security firm Dr. Web, the latter company's CEO has revealed. Boris Sharov says the registrar informed him about the request on Monday. Apple's reasoning was that the domain was being used as a command-and-control server for computers infected with the Flashback Trojan. Sharov notes, though that the domain is actually hosting a "sinkhole," a spoofed C&C server used to monitor computers linked in the Flashback botnet.
Kaspersky has released a new Mac security app, simply called Virus Scanner. The title is being sold on the Mac App Store, and is explicitly designed as a "lightweight" version of the company's existing Mac software. It detects and removes both Mac- and non-Mac malware, using automatically updated definitions.