English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

03 Jun Security policies: portable applications Kirill Kruglov

23 Sep Turbulence in the blogosphere Roel

14 Apr Blogging bad for you? David

26 Oct Welcome to the Weblog Eugene

26 Oct Secure blogging Costin Raiu

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

0
 

Everyone has their own preferences in choosing applications: a favorite browser or instant messenger, media player or email client, etc. Many users are so accustomed to them in everyday life that they feel uncomfortable without access to their favorite programs at work or in college. As a result, they come to use the portable applications which we will discuss in this article.

Portable applications, stored on removable media, are very convenient: they need no installation and can be used in almost any environment. For users, this means their favorite tools are always at hand, and ready to do anything from playing movies and music to analyzing and restoring the system.

However, such applications can also pose a threat to information security. Users who do not have local administrator rights cannot install software on the PC, but they can bypass this restriction by taking advantage of portable applications that do not require installation. Since these applications are mobile and are stored on removable media, they often go undetected by auditing applications on the LAN. This makes it more difficult to investigate incidents related to the use of portable applications as the information about removable media and software installed on it is often unavailable to the IT security specialists.

Case study

An analytical company engaged in processing large amounts of personal information offered part-time work to students and non-IT-specialists: a couple of days a week they would transfer data from paper into electronic forms, recheck the available data for errors and contact people for further information.

Incidents|Turbulence in the blogosphere

Roel
Kaspersky Lab Expert
Posted September 23, 14:46  GMT
Tags: DDoS, Website Hacks, Weblogs
0
 

It's been a bit of a bumpy ride in the Dutch blogosphere over the last couple of days.

One blog - www.geencommentaar.nl - decided to set up something I like to call a 'web 2.0 honeypot' in the form of a petition. The idea behind this was to attract the attention of the biggest blog in the Netherlands - www.geenstijl.nl - and get GeenStijl readers to comment.

GeenCommentaar logged the IP addresses of users who made offensive comments on the blog and created a database. (A lot of the offensive comments came from GeenStijl users). Other bloggers could then check the database to see if a particular IP address had been tagged as offensive. Supposedly the idea behind this was to make life easy for other site/ blog owners, by offering an automatic way to filter out (probably) unwanted comments/ content.

When GeenStijl realized what was happening, they responded with a vengeance by adding a piece of Javascript to their page.

Incidents|Blogging bad for you?

David
Kaspersky Lab Expert
Posted April 14, 13:52  GMT
Tags: Weblogs
0
 

Weblogs are springing up all over the place, on every topic under the sun. And not surprisingly, blogs have drawn the attention of virus writers as a new way of infecting computers. A recent report shows that blogs are being used to install viruses, keyloggers and other malicious code.

So should we close our blog? Or tell you to stop reading weblogs altogether?

I don't think so. But weblogs are a potential threat, so here are our guidelines on how to protect your computer.

  • Anti-virus software is a must!
  • You must keep your anti-virus software up-to-date. Choose a vendor that provides frequent updates and make sure that you download the latest update.
  • Don't trust any information from unknown sources: this includes email, instant messaging programs, FTP, and the Internet [e.g. weblogs!].
  • Be very wary of unusual or strange information, even if you seem to have received it from a trusted source.
  • Pay careful attention to information from reputable anti-virus companies. We're able to give prompt warning about new threats.

In short: use the latest anti-virus protection and be very very careful who you trust...

Comment      Link

Project|Welcome to the Weblog

Eugene
Kaspersky Lab Expert
Posted October 26, 13:35  GMT
Tags: Weblogs
0
 

Welcome to the Weblog. The world of malware is technically complex, full of incident and mal-innovations, and keeps growing. The computer underground is looking for new intrusion and infection technologies. On the other hand the anti-virus companies keep developing protection. The e-arms race goes on full speed. We are here to explain the details.

Welcome to the Weblog. Hackers have mastered social engineering, cheating, fraud and phishing. They want to watch you from inside of your computer - we are here to inform you about most "successful" ways they do that. We'll help you to be more protected today, than yesterday.

Welcome to the Weblog. The software giant(s) are under attack. The complexity and flexibility of networks, operating systems and applications are searched and abused by the hackers, virus writers, spammers and advertisers. The vendors do their best to release patched products, to install new and better walls against the flow of malware. We are here to present our expertise about these changes.

Welcome to the Weblog. You're looking for answers? You're afraid of being hacked? Our ideas will help.

Comment      Link

Project|Secure blogging

Costin Raiu
Kaspersky Lab Expert
Posted October 26, 12:39  GMT
Tags: Weblogs
0
 

Finally, we're here! A weblog from the international antivirus lab at Kaspersky, with news, interesting details, top level security information and from time to time, even pictures! :-)

While on the subject of blogging, I have to say that posting to this weblog is probably one of the most complex (and secure!) online processes I've seen. IP-based authentication, public/secret key pairs, passwords plus a few other extra security protocols which I cannot disclose. Just the way a proper security product should be. (grin)

Speaking of security and weblogs, there's a new popular exploit on the internet targetting WordPress, maybe the most powerful weblogging software out there. This vulnerability is fixed by the WordPress 1.2.1 release, so if you are an WordPress user, make sure you run the latest update.

Comment      Link