![]() The vulnerability was discovered by the security researcher Ronald Eikenberg, it resides in the URL scanning module, called Kaspersky URL Advisor, of the antivirus software. Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035 | Japan's JPCERT warns of new 'MalDoc in PDF' attack technique |Īttackers can discover IP address by sending a link over the Skype mobile app |Ĭisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software |Ĭloud and hosting provider Leaseweb took down critical systems after a cyber attack |Ĭrypto investor data exposed by a SIM swapping attack against a Kroll employee |Ĭhina-linked Flax Typhoon APT targets Taiwan | Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months |įIN8-linked actor targets Citrix NetScaler systems | ![]() ![]() UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw | National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization |Ībusing Windows Container Isolation Framework to avoid detection by security products |Ĭritical RCE flaw impacts VMware Aria Operations Networks | Paramount Global disclosed a data breach | Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware |Īkira Ransomware gang targets Cisco ASA without Multi-Factor Authentication | Researchers released a free decryptor for the Key Group ransomware |įashion retailer Forever 21 data breach impacted +500,000 individuals | Kaspersky is currently banned on computers used by the US government on claims that it helped Russian spies launch attacks against American targets.UNRAVELING EternalBlue: inside the WannaCry’s enabler | When discovering the classified docs, Kaspersky decided to delete the files, it says, but the “archive was not shared with any third parties.” As per the antivirus policy, infected files were uploaded to Kaspersky for further analysis. Kaspersky says some of NSA’s files ended up on its servers after the antivirus system detected a 7Zip archive infected with the malware. The detection took place on October 4, 2014, the firm says. The security firm says its antivirus detecting the malware when it was re-enabled, adding that the system infection was used to call out to a known command and control server. The malware consisted of a full-blown backdoor which could have allowed other third-parties to access the user’s machine,” Kaspersky says. ![]() The user was infected with this malware for an unspecified period while the Kaspersky Lab product was inactive. “The illegal activation tool contained within the Office ISO was infected with malware. Kaspersky Antivirus, which was indeed installed on the system, was disabled manually by the user in order to activate the pirated copy of Microsoft Office, as illegal key generators are typically blocked by security software. It appears the user downloaded and installed a pirated copy of Microsoft Office 2013 and used a key generator to bypass the activation process. In its report, Kaspersky explains that an internal forensic analysis revealed that an attack aimed at the NSA employee’s computer was indeed successful, but it did not take place in 2015, as the original media outlets indicated, but between September and November 2014.įurthermore, Kaspersky says, the successful cyberattack led to the source code for Equation Group malware being stolen, with the security vendor adding that this could be an indication the computer itself was being used by someone who was part of this particular NSA unit.īut when it comes to software that facilitated the hack, Kaspersky says it wasn’t its antivirus that allowed cybercriminals to breach into system, but pirated Microsoft software. Original reports coming from US-based media indicated that Kaspersky’s antivirus was running on the NSA worker’s home computer, allowing what were believed to be Russian spies to access the machine and steal documents belonging to NSA’s hacking unit called the Equation Group. Kaspersky Labs has published the results of its investigation following claims that its antivirus software was used in an attack aimed at an NSA employee and which led to several classified documents being stolen from the targeted computer. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |