English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

Events|RootedCON V

Vicente Diaz
Kaspersky Lab Expert
Posted March 10, 14:40  GMT
Tags: Conferences, Cyber weapon
0.1
 

It was five years ago when a group of computer security enthusiasts decided to gather together and organize a security conference mainly for a Spanish-speaking audience.

Last week RootedCon celebrated its fifth birthday, gathering more than 1000 attendees. It is now firmly established as the most important security event in Spain.

Research|Malware in metadata

Vicente Diaz
Kaspersky Lab Expert
Posted December 19, 10:07  GMT
Tags: JavaScript, Security Websites, Campaigns, PHP
0.4
 

One of the systems I have been running collects all our web malware detections for .ES domains. I usually check it out every morning, just in case I see something especially interesting or relevant. And when I find something, I like to create some statistics to have a global overview.

There are some things that I find every time I check my stats, like URLs that have been infected for more than 200 days, even being notified. That speaks of the lack of security awareness on some companies, and how some websites just get abandoned and become a hive of malware.

However one of the things that drew my attention was the detection of many PHP Backdoors with not-so-common extensions, such as JPG or MP3. Maybe a false positive? Worth taking a look!

0.4
 

Around one year ago I posted about what were the most common web attacks in Spain and how the malware was spread. It is time for an update!

We regularly collect data regarding infected web sites based in our detections on KSN. Apart from the general verdicts that I usually find in the top of the rank, there was another one in the top 3 for the last months that caught my eye: Trojan.JS.Iframe.aeq.

Research|Is digital marketing the new spam?

Vicente Diaz
Kaspersky Lab Expert
Posted April 22, 05:54  GMT
0.2
 

What a week for being in Boston! I was heading to Source Conference the very same day the blast happened. Its hard to describe all the intense emotions when I arrived. As president Obama said today to the city of Boston: You will run again. All my best to you guys, stay strong.

In my presentation in Source I talked about fraud in Twitter. These days we find a lot of spam bots in this social network, both blindly sending unsolicited direct messages to other users or doing some previous semantic analysis, depending on your tweets, for a more targeted message.

Incidents|Fraud abusing Google Docs

Vicente Diaz
Kaspersky Lab Expert
Posted October 18, 07:38  GMT
Tags: Spam Letters, Google, Spearphishing
0.4
 

Phishing is not exactly a ground-breaking technique. Quite the opposite, it seems like it has been around forever. This is an indicator of its effectiveness: we might think that it is unlikely that people would give away their banking credentials just because they are asked for them, but still there is a percentage who continue to become victims of one of the simplest fraud methods.

However both user awareness and anti-phishing tools are making harder for fraudsters to succeed in their attempts to get our money. We see this changing in the decrease in the percentage of spam. That is not the only reason: users are switching to new platforms such as social networks for direct communication.

Today I want to show you an example of the creativeness in avoiding spam and phishing filters.

Events|VB2012 day 2

Vicente Diaz
Kaspersky Lab Expert
Posted September 28, 17:28  GMT
0.2
 

One of the things I dont like from conferences is when there are two talks you want to attend scheduled at the same time. And this is what happened to me in VB2012.

Fortunatelly David was on the stage for a whole hour, so I attended his first half and then I switched to Fabios talk.

Events|5 takeaways from Las Vegas

Vicente Diaz
Kaspersky Lab Expert
Posted August 03, 05:35  GMT
Tags: Conferences
0.3
 

Probably the two most important security conferences in the world are held in Las Vegas during the same week, gathering more than 15,000 attendees and offering dozens of talks. Even if you are here, you will find a situation where you want to attend 2 or 3 talks at the same time, or the frustration of attending one talk only to find there is no room left for you in the next one you wanted to attend.


So I thought it would be useful, whether you were in Las Vegas or not, to highlight the most relevant things that happened there during these 2 weeks, in my opinion:

0.4
 

Browsing is a risky activity from a security point of view. The good old times when we could identify a bunch of suspicious sites and avoid them are gone forever. Massive infections of websites are common nowadays, blindly infecting as many sites as possible. Once these sites are compromised, the access is usually sold to cybercriminals. At this point the site hosts malware or redirects victims to some exploit kit.

We have seen this hundreds of times, for example the recent example such as the distribution of Flashfake through compromised Wordpress blogs.

Thanks to KSN we have nice stats of the sites browsed by our customers and detected as malicious. And thanks to KIS/KAV protection, users can happily continue browsing without further inconvenience.

I have been analyzing compromised sites with ES TLD during the last month, wondering what the most dangerous sites for Spanish users are. These are the top 5 verdicts:

Research|Where is my privacy?

Vicente Diaz
Kaspersky Lab Expert
Posted March 02, 13:21  GMT
Tags: Privacy
0.3
 

When we upload something embarrassing about ourselves to, lets say Facebook, thats completely our fault. But there are other subtle ways to get information about us. Lets say a few words about tracking.

Every time you visit a website you request HTML that will be rendered in your local browser. This code may include external references, so you will request them as well. Nothing to be afraid of so far.
0.2
 

This week I attended the Gartner Symposium in Barcelona. The event is for IT leaders and executives, held in a magnificent venue and superbly organized.

Having the chance of giving a talk there, I wondered what kind of message should I give to such attendees. These people lead big companies and get regular reports from the best analyst in the world. During the conference basically they will get tons of information, and I wanted my message to remain in their minds, so I decided to go for a practical approach.