English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

Software|iOS update available - version 7.0.4 is here

Stefan Tanase
Kaspersky Lab Expert
Posted November 15, 11:09  GMT
Tags: Apple iPhone, Apple, Vulnerabilities
0.3
 

This week, Apple has released a small but very important update to their popular mobile operating system - iOS 7.0.4. According to the details provided, by Apple, the update comes with several bug fixes and improvements, including a fix for an issue that causes FaceTime calls to fail in some cases.

But the latest iOS update also comes with an important security fix for CVE-2013-5193, a vulnerability allowing App and In-App purchases to be completed with insufficient authorization - meaning that the password prompt presented to a signed in user before making an App purchase could have been bypassed and the transaction completed without providing a password.

Why are updates so important?

This software update for iOS, just like many other software updates for any platform, shows once again the importance of updating. Updates donít just fix innocent bugs, they donít just improve the userís experience. They do that, yes, but most of the times updates also fix security vulnerabilities which can be exploited in-the-wild.

How to update your iOS device?

The quickest way to update your iPhone, iPad or iPod touch is to do it directly from the device. Just make sure you have everything backed up before you proceed, that you are connected to a WiFi network and the device has enough power, then just go to Settings õ General õ Software Update. If an update is available, tap Download, then Install.

You can also update your device through iTunes, while itís connected through a cable. For more details and tips, Apple has a complete step-by-step guide available here: http://support.apple.com/kb/HT4623

Comment      Link

News|Spam one step ahead of iPhone 5 release

Maria
Expert
Posted September 12, 09:01  GMT
Tags: Apple iPhone, Apple
0.1
 

Apple fans are eagerly awaiting the arrival of iPhone 5 which is due out today. Each unveiling of an iDevice is accompanied by a global buzz of excitement which usually attracts the attention of spammers: every new iPad or iPhone inevitably becomes the bait in numerous fake lotteries and other fraudulent emails.

However, customers are not only interested in Apple’s devices but also their accessories. This year’s first registered mass mailing dedicated to the new iPhone came from a Chinese company that has decided to fill this niche.

The advertiser, having first apologized for any inconvenience that may be caused by the email, offers users the chance to buy a case for the new iPhone 5 which has not even been officially presented.

Considering the sort of promises that usually appear in spam, one can only wonder why the sender didn’t offer an actual iPhone 5 or, better still, an iPhone 6 (or whatever it’ll be called in 2013? iPhone 5v?).

comments      Link
0
 

In this edition of Lab Matters, Ryan Naraine interviews Kaspersky Lab CTO Nikolay Nikolay Grebennikov about malicious threats on mobile devices. Grebennikov talks about the taxonomy of threats and explains Kaspersky Lab's vision for protecting data on smart phones. The discussion touches on privacy issues, data protection, anti-theft recovery, social engineering, URL filtering and parental control.

comments      Link

Webcasts|Lab Matters: The Dark Side of Jailbreaking iPhones

Ryan Naraine
Kaspersky Lab Expert
Posted December 01, 11:58  GMT
Tags: Apple iPhone, Google Android
0.3
 

Costin Raiu, director of Kaspersky Lab's Global Research and Analysis Team, discusses the security risks involved with jailbreaking Apple's iPhone. In this Q&A with Ryan Naraine, Raiu talks about the Jailbreakme.com vulnerability and exploit and the social engineering techniques used to take advantage of the popularity of jailbreaking utilities. The discussion also touches on Android devices and some of the security ramifications of unregulated smartphone apps.

Comment      Link

Humour|My vacation photos

Costin Raiu
Kaspersky Lab Expert
Posted July 30, 13:19  GMT
Tags: Social Networks, Apple iPhone, Data leaks
0.2
 

Yes, it’s that time of the year again! People from all around the world try to escape the heat and pollution of the big cities and find much more enticing options. Once the vacation is over and we are all back to work, what does everybody do first?

Publish photos, of course!

0.2
 

Just few hours ago Twitter officially announced the launch of their new iPhone application called “Twitter for iPhone”. The news quickly became a trendy topic in Twitter and as it used to be the criminals took advantage of this one more time. The difference this time is that the criminals behind this particular attack didn’t want to use Rogue AV malware but a Worm with dropper functions to deliver Trojan banker malware to the users machine.

This is an example of detected malicious twitts by us:

The initial Trojan is downloaded to the victim machine by a malicious Java archive file. It has several malicious features, for example: spreading through USB devices; it disables Windows task manager, the regedit application and also notifications from Windows Security Center. Also it creates a copy of itself in the system with the name of Live Messenger. The criminals even included an anti-virtualization feature. The worm checks if the hard drive of infected system is virtualized or not. If found to be in a virtual system, the malicious code won’t be executed.

As I mentioned the main goal of this Trojan is to steal on-line bank credentials of the victims!

This malware is very harmful since credit cards and on-line banking credentials are in the game. Please, be really careful specially with trend topics (searches) since in many cases they are being used by criminals.

Kaspersky Anti-Virus detects the threat as Worm.Win32.VBNA.b
Comment      Link