English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

Opinions|Securing your Email space

GReAT
Kaspersky Lab Expert
Posted August 09, 13:46  GMT
Tags: Website Hacks, Identity Theft, Email, Data leaks, Cyber espionage
0.4
 

Yesterday, Lavabit - a secure e-mail provider - announced that it's closing down their operations. The official text and the Website looks like this:

Lavabit was one of the very few secure e-mail service providers bringing security for its paid customers by encrypting all locally stored e-mail messages with an asymmetric key and AES-256. This means that in order to decrypt the messages, an attacker would need to compromise the server first and then to know your password. There was no way even for Lavabit to decrypt emails without a userís password. A detailed description of how the Lavabit technology worked is available here: pastebin.com/rQ1Gvfy0

Few hours later, Silent Circle, another secure e-mail provider, announced shutting down its Silent Mail service too.

In general in order to make an e-mail server secure there are several criteria to match:

  1. Secure encrypted connections between the user and the e-mail server (it must be encrypted with a strong algorithm and to have a validation process to avoid the risk of a man-in-the-middle attack)

Events|Passwords13 (Hot Topic in Hot City)

Marco
Kaspersky Lab Expert
Posted July 31, 02:30  GMT
Tags: Conferences, Data leaks
0.2
 

Before BlackHat and DefCon taking place this week in Las Vegas, another conference attracts security experts: Passwords13. A free to attend conference about Passwords and Authentication from attackers and defenders perspective.



0.2
 

We speak about attacks on online providers that result in the leak of personal usersí passwords. Just recently we saw the leak of 6.46 million Linkedin user passwordss. Right after this we saw a leak of 400 thousand Yahoo Voices passwords. These are not isolated cases; nowadays we see many successful attacks that lead to personal data leaks. One more example of this is the leak of personal information of users of one of the popular Android forums and finally the hack of the NVIDIA developer forum. Itís worth saying that many successful attacks are just not announced and the Internet community doesnít find out about them.

So, how do we deal with cases when our passwords can be leaked? Obviously the end user canít do much to protect his on-line service provider and prevent the leak, but there are some basic tips on how to avoid a big disaster when our passwords are compromised.

1.†† †Use a different password for each different online resource. Never reuse the same password for different services. If you do, all or many of your other online accounts can be compromised.
2.†† †Use complex passwords. This means, in a perfect scenario, a combination of symbols, letters and special characters. The longer the better.
3.†† †Sometimes our online service providers donít let us create really complex passwords, but try to use long passwords, with at least 23 characters in a combination of uppercase and lowercase letters. A password of 23 characters (131 bits) would be ok.

For some users itís hard to remember complex passwords, in which case a good solution would be to use a password manager like Kaspersky Password Manager.

Remember, you canít stop your service provider being hacked, but you can avoid a bigger disaster when all of your accounts get compromised at once just because you used the same password!

Comment      Link

Opinions|Traveling in an interesting time

Dmitry Bestuzhev
Kaspersky Lab Expert
Posted June 25, 05:15  GMT
Tags: Data leaks
0.1
 

When you arrive to a foreign country you may encounter an unexpected situation when the local authorities request your passwords. If you refuse, your entry to the country may be denied. That is a really bad situation. So, what should you do and what shouldn’t you do in order to not to lose your sensitive information and at the same time be granted entry to the country?

  • Have a bulk email with a unique password. This email address must be simple but a real one with no sensitive information stored in it. Please remember that the password you have for it shouldn’t be the same as for any other resource. The same is for the secret question you may have for the password recovery.
  • Don’t bring your main computer on trips! Have a travel one; use it only for when you travel abroad. Since it would be only for travel, you may encrypt only a part of the hard drive of this computer and not the entire disk. It will help you avoid more questions.
  • If you bring USB devices, make sure not to have anything sensitive on them.
  • Work only under your own VPN connections; make sure to use OpenVPN since it works even under very restrictive Firewalls and Proxies.
  • Make sure to use security software capable to detect malware and also network layer attacks.
comments      Link
0.2
 

††† Carolina Dieckmann, a famous Brazilian actress, recently became the victim of cyber attacks that allowed cybercriminals to steal personal property - nude pictures of her- from her computer. Many pictures or maybe all of them got leaked to the Internet. This incident has served as a good incentive for the Brazilian government to have new cybercrime laws in the country (the current law to fight cybercrime in Brazil was approved back in the 40’s of XX century). As a result of this incident, a new cybercrime law that carries a punishment of up to 2 years in prison for such crimes has finally been proposed for consideration. This is a good and right move! A press article in Portuguese can be

Incidents|Public points of data loss

Dmitry Bestuzhev
Kaspersky Lab Expert
Posted May 14, 11:18  GMT
Tags: Data leaks
0.1
 

††† “Forgetting” or “underestimating” are the main reasons for data loss around the world. In an airport lounge during my last trip I came across† some cool tab devices running on Android integrated with an external keyboard available for public use and connected to the Internet.

As in the past I performed a quick check of downloaded files, most visited sites and browser history and found a huge list of sensitive information. Here are some examples:

  • Access via OWA to a corporate email of a Latin American bank.
  • Medical files from Spanish hospitals.
  • Commercial offers with personal banking information of a service provider.
  • Personal traveller information with full names, IDs, frequent flyer number and the destination of the flight.
  • Audit control released by a Latin American government to local companies.
I didn’t check if the browser function “save passwords” was enabled. Just imagine if it was! I also didn’t check the saved cookies. Anyway enough sensitive information was already exposed out there.

Lots of people are not very good at safeguarding their personal information on standard PCs; they are even worse when it comes to tab computers. More often than not, they just don’t know where a file was downloaded on a tab, and they have no idea how to delete it afterwards.

I wonder how much sensitive information is already exposed in this way at airports around the globe! Without any doubt it’s a huge advantage for cybercriminals who know how to use social engineering and a big pain for security officers of the companies who have to train employees. Another important point is when people fly on business – they are usually managers, so any leaked information can compromise not only their personal identity but also a company’s secrets.
comments      Link
0.4
 

Following their major database breach, Zappos leadership is doing the right thing by what seems to be quickly and clearly communicating what data was accessed and what was not - there are no unexplained delays or confusion on their part about the event. It's like another Aurora moment in my book, when Google extraordinarily opened up about their breach while the other 30-odd Aurora-breached major corporations did the opposite, aggressively maintaining NDA's to hide their Aurora incidents and hide their heads in the sand. Zappos reset 24 million customers' passwords and emailed all of them about the problem last night.

Webcasts|Lab Matters - Cloudy with a chance of stolen data

Ryan Naraine
Kaspersky Lab Expert
Posted January 12, 12:08  GMT
Tags: Data leaks, Cloud Computing
0.3
 

Director of Kaspersky Lab's global research and analysis team Costin Raiu appears on Lab Matters to discuss the security ramifications of the growing dependence on cloud computing. The discussions center on the convenience of using consumer cloud services and some of the risks involved with outsourcing security to third-parties.

comments      Link
0.2
 

It's the end of 2011 as we know it, and Microsoft feels fine finishing out the year with a handful of out-of-band holiday patches. This round is important not because the vulnerabilities directly impact massive numbers of customers and their online behavior on Windows laptops, tablets, and workstations, but because ASP.NET maintains vulnerable code enabling easy DoS of hosting websites, authentication bypass techniques, and stealth redirections to other websites (most dangerously those sites hosting phish and hosting client side exploits and spyware). All of this could curdle your eggnog in the coldest of weather.

0.3
 

Several Eastern European banks have started notifying their customers in the beginning of last week that their cards have been blocked and will be replaced with new ones. Most of the banks did not give out any more details about what happened, and in many cases even failed to notify their customers prior to actually blocking their cards. Is it just another day in the payment processing business? Based on the rushed response from banks and the lack of information surrounding the case, I would say no.

It all started one week ago after the state-owned Romanian bank CEC Bank blocked ~17,000 cards in response to a security breach at one of VISA’s European payment processor.

The reaction of other banks followed soon. The Romanian branch of ING Bank also confirmed to have blocked compromised cards, but didn’t put out a number. They say they’ve only blocked a few cards, but are closely monitoring the situation.

A few days later, Serbian banks also started blocking thousands of cards for security reasons. Raiffeisen Bank, Komercijalna and Societe Generale confirm they have been informed by VISA about some of their customer’s cards being compromised. Very similar to what happened in Romania.

Rumors indicate the European branch of an electronic payment services provider, Euronet Worlwide, to be the source of this breach. This information has been going around Romanian business media (1, 2) – and though it hasn’t been confirmed officially, it would explain why customers from different banks in different countries were affected.

It’s very hard to assess the severity of this security breach, as the banks’ reaction to these events was very mixed. Some banks proceeded immediately to blocking and replacing all affected cads, while others decided to monitor the situation more closely.

Currently, it’s very hard to get a full picture of what is going on, but as it usually happens, these are unlikely to be isolated incidents. Actually, these stories could be just the tip of the iceberg. If you have recently received such a notification from your bank, we’d like to hear from you, especially if it’s outside Serbia and Romania.

Meanwhile, make sure to follow these 3 basic steps to make sure you don’t become a victim of credit card fraud:

  1. Check your statements as often as possible. Make sure all payments showing up are actually made by yourself. In case you suspect a fraudulent transaction, get in touch with your bank as soon as possible.
  2. Enable instant SMS notifications if your bank offers it. Some banks offer it for free, others charge for this option. No matter what, it’s worth it. You’ll be able to get instant reports of payments made with your cards.
  3. Make sure you keep most of your money in an account that has no card linked to it. Having to move money from an account to another on a weekly or monthly basis might seem annoying, but it can save you a great deal of pain in case your card gets compromised.

Last, but not least, we know it’s the holiday season and shopping is on everyone’s mind. So if you want to keep your money safe when doing online shopping, this insightful article we’ve put together is for you: Online shopping made safe and convenient.

comments      Link