English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

0.1
 

The Ekoparty Security Conference 2013 was held in the beautiful city of Buenos Aires, Argentina, from 25 to 27 September, This event,the most important security conference in Latin America, is now in its ninth year and was attended by 1,500 people. The slogan of this year’s conference was “Somebody is watching”.

Events|Hot Topic in Icy Country

Marco
Kaspersky Lab Expert
Posted December 04, 08:03  GMT
Tags: Conferences, Trainings, Passwords
0.2
 

These days Passwords^12 is taking place in Oslo - a conference only dedicated to passwords and pin codes. With temperatures around -15 degrees (Celsius) outside, in the conference rooms of the University in Oslo, Department of Informatics, talks by well known security experts are given.

Every day you use passwords. While logging on to your computer, smartphone or tablet, accessing your emails or your social network site and also for online banking and online shopping. Recent database breaches of user logins show that there is a high demand for more security in this area. During these days talks and discussions only care about this.

0.1
 

Kaspersky Lab is paying a lot of attention to IT security education & literacy development sharing its knowledge & experience actively through its educational program "Kaspersky Academy" which offers unique opportunities for students & young professionals to improve their knowledge of IT security, gain new experience and communicate with industry experts, realize their scientific potential as well as get exciting career opportunities & open the door to the professional world of IT security. Ram Herkanaidu, educational manager, is telling about academic initiatives of the company.

comments      Link
0.3
 

Since yesterday I've been attending the annual Hack-in-the-Box Quad-Track Security Conference in Amsterdam/NL. There's a very nice and open atmosphere here at the conference, besides the beautiful city of Amsterdam.

First, Joe Sullivan (CSO at facebook), held a very interesting keynote about the development of security innovations at facebook. For him innovation is „these hacking culture, we think about each day at facebook“. After explaining some of the newer security innovations (https-only, login notifications, login approvals [if e.g. geo-location of a user is suspicious], recognized devices, recent activity) he talked about the recent fb-scams with malicious scripts. „No one would do that, copying and pasting a script into the browser! - Yes, they do...“, he said.

Also a remarkable talk I attended was about binary planting, given by Mitja Kolsek (CTO at ACROS Security). In "Binary Planting: First Overlooked, Then Downplayed, Now Ignored" Mitja also showed a new method he called "advanced binary planting", which uses a feature from Windows' special folders (like control panel, printers, etc.) and clickjacking to make it possible to own the users' computer.

In the winter garden of the conference hotel there's a technology showcase area. Hackerspaces from all over Europe and the Netherlands are showcasing their projects here. There also is a capture-the-flag competition happening, a lock-picking and (sponsor) companies-showcase.

For more informations please see the conference website.

Comment      Link
0.2
 

Security researchers from around the world are digesting the weekend's fare at Infiltrate2011, organized by security outfit Immunity. "No policy or high-level presentations, just hardcore thought-provoking technical meat" was promised, and presenters served it up sizzling.

The sessions folded in a variety of topics slicing up current offensive security issues with some defensive interest mixed in. Discussions spread from technical wizardry attacking hardened linux kernels to general network exploration and reconnaisance. Infiltrate2011 itself follows somewhat on the Blackhat/Defcon conference model, but reduces the corporate marketing at those conferences. The peer reviewed set of presentations and research sponsored by one of the best known offensive security/penetration testing groups in the business sets the bar high and undistracted for the level of technical content. The final agenda is listed here.

Events|Techfest Mumbai 2011

Costin Raiu
Kaspersky Lab Expert
Posted January 11, 05:36  GMT
Tags: Conferences, Exhibitions, Numerology, Trainings
0.3
 

Last week I got the chance to drop by the IIT campus in Mumbai, India, for the Techfest 2011 conference.


Follow me on Twitter This was a great opportunity to meet some of the world’s brightest students and to listen to some very interesting lectures from people such as Richard Stallman – who needs no introduction, William Baker – the structural engineer for the famous Burj Khalifa, KS Pua – the inventor of the pen drive, or Jaap Haartsen, the engineer who developed the Bluetooth specification. For a full lineup of the speakers, you can go here: http://www.techfest.org/lectures/

Opinions|Last minute shopping - keep safe!

Dmitry Bestuzhev
Kaspersky Lab Expert
Posted December 18, 11:53  GMT
Tags: Trainings
0
 

The holidays are nearly here! If you're still searching for the final perfect present, and are thinking of buying online, here's a few practical tips to help keep your last-minute purchases secure:


  1. Keep your Internet Security solution updated, not just to the day but to the hour! We release frequent updates to make sure you're protected from the very newest malware. Scan your system before you start shopping.

  2. Don't forget to use our Kaspersky Virtual Keyboard which is integrated in Kaspersky Internet Security products for all your online transactions, especially when you’re asked to input any personal data like your names, numbers (credit card, pin, date of birth, zip code, etc) or address.

    Using the virtual keyboard prevents Trojans from stealing information which you enter via the keyboard or other input device.

  3. Don’t shop from public WiFi networks which aren't secured using WPA2. These networks can be easily hijacked by cybercriminals, and your sensitive financial data could be compromised.

  4. Make sure your system is up-to-date! You should make it a habit to download and install updates not just for your operating system but also for third party applications like:


    • Browsers like IE, Firefox, Opera, Safari, Google Chrome or any other you use
    • Adobe system applications.
    • Media players like Realpayer, Winamp, etc.


    You can use the Kaspersky Vulnerability Scan integrated in Kaspersky Internet Security product to check your system for vulnerabilities.

  5. Check that the sites you shop on are secure! A secure online shopping site will have a valid digital certificate which is used to encryption and secure your online transaction and it will have an icon showing a closed padlock in the bottom or the top of your browser.

    The address bar should have an ‘https’ string before the page address.

    Remember - NEVER shop on a page which doesn’t have ‘https’ in the address bar:

    or if the padlock is open or broken, or if you get a warning regarding the digital certificate of the page you’re on!


Wishing you safe online shopping and happy holidays!

Comment      Link

Events|Malware Defence Workshop details

David
Kaspersky Lab Expert
Posted April 10, 08:41  GMT
Tags: Trainings
0
 

Following on from last Wednesday's post - if you're interested in attending our Malware Defence Workshop (which includes puzzles like the one shown above!), do contact us on malwaredefence [at] kasperskylab.co.uk and we'll send you a schedule.

Comment      Link

Events|Prepare to meet your malware

David
Kaspersky Lab Expert
Posted April 02, 16:41  GMT
Tags: Trainings
0
 

Over here in the UK we're launching our Malware Defence Workshop. If you're responsible for corporate security, developing security strategies, or keeping your company network free of malware, this workshop is for you.

We're offering a mix of theoretical, practical and demonstration sessions to give an insight into how malware works – in a secure, risk-free environment.

Topics range from how malware has developed over the years, through propagation methods, Trojans, botnets, ransomware and mobile malware. There'll be sessions on evaluating security solutions, and what the future may hold.

We'll be running the workshop regularly, so if you're interested in meeting malware face-to-face, do contact us for more details.

Comment      Link

Events|A few IT security training tips

David
Kaspersky Lab Expert
Posted November 02, 13:08  GMT
Tags: Trainings
0
 

Roel recently posted about user education. Last week I co-moderated a discussion workgroup at Net Focus UK on 'Building and managing an effective IT security training and awareness program'. I thought I'd share some of the key points that came out of the discussions on the subject of staff awareness as part of an overall security strategy.


  1. It's education, not training. You're trying to influence attitudes and approaches, not create security experts.
  2. You're educating your employees; they're not 'users'.
  3. If it's done properly, education can make a big difference to company security.
  4. Keep it personal; this will make it more effective. e.g. tie it in with home PC security.
  5. Make it engaging and interesting. You could use

    • Your company intranet
    • Online training
    • Poster campaigns
    • Foyer displays
    • Tip of the month
    • Calendars or screen-savers.

  6. Keep it simple.
  7. Keep guidelines about what to do or not do, what to report, and who to report to as straightforward as you can.
  8. Make sure you have a written policy that includes guidelines and expectations.
  9. Foster an attitude of openness; otherwise security problems will not be reported.
  10. Avoid making employees feel stupid, or you'll just alienate them.

Comment      Link