Bashbug/Shellshock: the day after
It’s been a day since the BashBug aka Shellshock bug was disclosed. What real damage has been inflicted and who is most in danger?
A nasty new bug discovered in the Bourne again shell set the infosec community on fire, Heartbleed-style. Is it as dangerous as the notorious OpenSSL flaw? It depends…
Critical infrastructure operators are often reluctant to deploy full-scale anti-malware protection. They are worried about compatibility, performance, compliance, and the most important thing: possible downtime. But our research shows that malware is the true enemy.
Brian Donohue interviews Adam Firestone, President and General Manager of Kaspersky Government Security Solutions, about why critical infrastructure systems are insecure, and why added-on security does not work.
iOS-based devices have a large share in the enterprise, which assures a strong demand for BYOD-oriented security features. A number of them arrive in iOS 8.
This post covers two topics: the Opfake.a Trojan, which made a lot of buzz earlier this month, and analyzing mobile malware at home. The latter is quite possible, but requires protective measures.
Cyber-resilience is the ability to sustain damage, but ultimately succeed. In order to be resilient, businesses need to have a plan. One organization is dealing with attacks today that another will deal with tomorrow. There are ways businesses can help each other become cyber-resilient.
The healthcare and financial services industries are among those especially reluctant to implement newer technologies, security included, and believe they have a good reason for that.
It’s been years since we’ve last heard of any large worm epidemics. Does it really mean that malware epidemics have gone away for good?
Kaspersky Lab’s recent survey surprisingly found that e-commerce, online retailers and financial service providers are not just the biggest sources of stolen financial data, but also feel just a bit too lax about security. However, this has some severe implications.
Having your business bank account hijacked by cybercriminals could bankrupt your company, but that type of breach isn’t really what law enforcement cares about. They are concerned with only one thing: how well you protect certain information.
A curious story about a cyber-investigation of fraudulent activities, which our GERT group had recently conducted on behalf of one of the company’s clients. The attackers were quite thoughtful, but not good enough.
A large number of logins and passwords to accounts in several free email services – Mail.ru, Yandex and Gmail.com – had been leaked. Once again, passwords prove to provide insufficient protection. What does it mean for businesses?
The biggest concern about Apple Pay is that one’s iCloud account now controls not only private photos, app data, and messages, but also money. You lose your password – you lose everything, and as the celebrity hack showed us, there is no need to hack Apple’s servers. Social engineering, phishing, trojans – all cybercriminal tools will now be targeted at people’s electronic wallets.
There have long been rumors in the InfoSec community that in the wake of recent revelations, foreign institutions embraced old-school means of keeping their secrets safe. Namely, once again embracing the typewriter. This is actually like betting on horse carriages at the dawn of the auto industry – sort of denying the future.
IT staff of various companies complain that employees are slow to report losing their mobile devices. Thanks to BYOD, the responsibility for those devices now appears to be shared.
It is widely known in cybersecurity that the door to a data breach is often opened by employees. In what percentage of breaches is an employee directly at fault?
A while ago we “celebrated” 10 years since the first smartphone malware emerged. While we made the first Symbian antivirus in 2004, it doesn’t mean that we had no mobile security products before that. It was hard to unearth and boot an antique handheld from the early 2000s, and even harder to find, install and launch our old software. Yes, it’s long obsolete, but there’s a reason for all these efforts. Read about it in our new blog post.
Small businesses are unwilling to invest in security solutions – often because they don’t think there are any – designed specifically for their needs. But such solutions do exist.
Kaspersky Endpoint Security proved to be an undisputed champion in Dennis Technology Labs’ testing in Q2, 2014.
Kaspersky Lab launches Beta Testing of a new version of its enterprise security solution. Service Pack 1 for Kaspersky Endpoint Security 10 for Windows (the software for endpoints) and Kaspersky