PC World Philippines » Kaspersky Lab

Kaspersky Lab Performs Best in Dedicated Testing Against Online Banking Threats

Fei — Thu, 17 May 2012 01:42:31 +0000

May 17, 2012

Kaspersky Internet Security 2012 has come out on top among three commercial solutions in dedicated testing by the independent test lab AV-Test.org. The Kaspersky Lab solution was up against products from Symantec and BitDefender and was the clear leader in terms of dynamic and static detection of online banking threats.

Online banking threats are considered to be among the most sophisticated and dangerous features of cybercriminal activity. In the first quarter of 2012 alone, Kaspersky Lab experts detected an average of 7,800 new online banking Trojans per month. This means effective protection against this particular type of malware is especially important.

The March 2012 evaluation by AV-Test.org made use of 70 of the most recent malware samples, all of them boasting functionality capable of accessing users’ online banking accounts or payment systems. The products were tested on physical machines running Windows 7 with Internet access and all protection features enabled.

The three security products were subjected to three different types of tests. Detection level was evaluated in static and dynamic tests. The products were also assessed on the quality of remediation of an infected machine.

In the static testing Kaspersky Lab’s product achieved a 99.3% detection rate. The BitDefender solution came second with 94.6%, while the product from Symantec demonstrated a much lower performance rate, detecting just 38.7% of the online banking samples.

In dynamic testing, which better reflects real user scenarios, Kaspersky Internet Security 2012 was the only product to achieve a 100% detection rate. The result for the second-best vendor was 97.8% and the third achieved 95.6%.

In the most complex remediation tests on an infected system Kaspersky Internet Security 2012 led the field again in terms of the disinfection rate for all active components.

“Online banking threats present the greatest danger, as an infection can result in the very real loss of money from a credit card or bank account. The test methods chosen by AV-Test.org were stringent, as the use of the very latest malware samples testifies,” said Oleg Ishanov, Director of Anti-Malware Research at Kaspersky Lab.

“The results show that among the most advanced security products the Kaspersky Lab solution is the leader when it comes to detecting modern financial malware. Importantly, our product also performed strongly in static, dynamic and remediation tests. For end users it means that in a real-life scenario, Kaspersky will better protect their money from the latest and the most complex threats,” Ishanov added.

A detailed report on AV-Test.org’s online banking test is available at http://www.kaspersky.com/downloads/pdf/av-test_online_banking_report_march_2012.pdf

For further information about the company, please visit http://www.kaspersky.com.

Kaspersky Lab: 10 simple tips for boosting security for Mac users

Fei — Fri, 27 Apr 2012 01:19:29 +0000

April 27, 2012

With the increasing popularity of laptops and desktop computers running Apple’s Mac operating system, Kaspersky Lab, a leading secure content and threat management solutions developer, stressed in a number of ways to ensure that their devices remain secure.

The appearance of the most recent Flashback/Flashfake malware is a testament to the fact that cybercriminals will target any device as long as these would provide them with potential revenue.

Kaspersky Lab security expert Costin Raiu explained that “during the next few months, we are probably going to see more attacks of this kind which focuses on exploiting two main things: outdated software and the user’s lack of awareness.”

“If you follow these steps, keep everything updated and be aware of these attacks, your chances of becoming yet another random victim will be greatly diminished,” Raiu reminded.

1. Create a non-admin account for everyday activities – create a non-admin user where you only log in as administrator when you need to perform administrative tasks. This greatly helps to limit the damage from zero-day threats and drive-by malware attacks.

2. Use a web browser that contains a sandbox and has a solid track record of fixing security issues in a prompt manner — Google Chrome is updated more often than Apple’s built-in Safari browser. Google Chrome also comes with a sandboxed version of Flash Player that puts up a significant roadblock for malicious exploits. It has also a silent, automatic update mechanism that removes the burden of patching security vulnerabilities.

3. Uninstall the standalone Flash Player — Adobe’s Flash Player has been a common target for hackers as it allows them to take complete control over target computers. Removing it will significantly lessen security risks.

4. Solve the Java problem — Java is also a preferred target for exploit writers looking to plant malware on your machine. It is recommended to have it completely uninstalled.

5. Run “Software Update” and patch the machine promptly when updates are available — Many of the recent attacks against Mac OS X took advantage of old or outdated software. Commonly exploited suites include Microsoft Office, Adobe Reader/Acrobat, and Oracle’s Java. It is recommended to update to 2011 as soon as possible. Be sure to apply the fixes and reboot the machine when necessary.

6. Use a password manager to help cope with phishing attacks — Mac comes with a built-in password manager, the “Keychain,” which generates unique and strong passphrases for a device’s resources. Whenever the cyber-criminals manage to compromise one account, they will immediately try the same password everywhere – GMail, Facebook, eBay, PayPal and so on. Hence, having a unique strong password on each resources is a huge boost to your online security.

7. Disable IPv6, AirPort and Bluetooth when not needed — Turn off connectivity services when not in use, or when not required. These include IPv6, AirPort and Bluetooth — three services that can be used as entry points for hacker attacks.

8. Enable full disk encryption (MacOS X 10.7+) or FileVault — In MacOS X Lion, Apple updated their encryption solution (FileVault) and added full disk encryption. Now known as “FileVault 2”, this has the advantage of securing the entire disk instead of just your home folder and can be very useful if your laptop gets stolen.

9. Upgrade Adobe Reader to version “10” or later — Adobe Reader is also a preferred target of cybercriminals. Version 10 includes numerous security enhancements which make it a lot safer than any previous versions.

10. Install a good security solution – It is no longer true that “Macs do not get viruses.” After six years, the situation has changed considerably. The Flashback trojan which appeared in September 2011 caused a huge outbreak in March 2012, which amounted for over half a million infected users worldwide. Thus, a security solution is absolutely required for any Mac user. One can easily download and install a trial of Kaspersky Anti-Virus for Mac.

For further information about the company, visit http://www.kaspersky.com.

Kaspersky finds largest attack on Mac OS by malware Flashback/Flashfake

Fei — Sun, 15 Apr 2012 13:02:18 +0000

April 15, 2012

Kaspersky Lab, a leading secure content and threat management solutions developer, recently analyzed the Flashfake botnet and discovered a massive number of infected computers worldwide, most likely running Mac OS X. The botnet is being distributed via infected websites as a Java applet that pretends to be an update for the Adobe Flash Player.

About 670,000 computers worldwide, 98 percent of them running Mac OS X, were infected by Flashfake. Kaspersky Lab attests that this is the largest Mac-based infection to date, with the largest number of victims targeting developed countries. The United States had the most infected computers (300,917) followed by Canada (94,625), the United Kingdom (47,109) and Australia (41,600).

Infections also found in France (7,891), Italy (6,585), Mexico (5,747), Spain (4,304), Germany (4,021), Japan (3,864) and Philippines is among the countries that contribute the average count of 1- 2,547 said Kaspersky Lab security expert, Igor Soumenkov in his blog.

Security expert Alexander Gostev also stated in his blog that they were able to reverse-engineer the Flashfake malware that enabled them to successfully analyze the communications between infected computers and the command and control (C&C) servers of Flashfake.

“After intercepting one of the domain names used by the Flashback/Flashfake Mac Trojan and setting up a special sinkhole server last Friday, April 6, we managed to gather stats on the scale and geographic distribution of the related botnet. We continued to intercept domain names after setting up the sinkhole server and we are currently still monitoring how big the botnet is. We have recorded a total of 670,000 unique bots. Over the weekend of April 7 to 8, we saw a significant fall in the number of connected bots,” added Gostev.

Kaspersky Lab is also directing users to visit the website www.flashbackcheck.com, specifically made to determine if a computer is infected with the malware using a tool that looks into the device’s universal unique identifier (UUID). It also has instructions on how remove the malware if it is found.

Kaspersky Lab is one of the world’s largest privately-held Internet Security company, providing comprehensive protection against all forms of IT threats such as viruses, spyware, hackers and spam. The company’s products provide in-depth computer defense for more than 300 million systems around the globe, including home and mobile users, small and medium-sized businesses and large enterprises. Kaspersky technology is also incorporated inside the products and services of nearly 100 industry-leading IT, networking, communications and applications solution vendors.

For further information about the company, visit http://www.kaspersky.com.

PH students to represent country in Kaspersky Lab’s student conference in Hong Kong

Fei — Thu, 15 Mar 2012 22:59:14 +0000

March 16, 2012

Two groups from the University of the Philippines (UP) have been selected as finalists in the upcoming international educational event by leading secure content and threat management solutions developer Kaspersky Lab.

Nineteen-year-old Ranyel Bryan Maliwanag and 21-year old Joshua Arvin Lat will represent the Philippines at the Kaspersky Lab International Student Conference Asia Pacific, Middle East and Africa Cup 2012, an annual event that brings together students and young professionals in a collaborative environment to present and discuss issues relating to cybercrime.

The conference will be held from March 14 to 16 at the City University of Hong Kong. Both Maliwanag and Lat are from the UP Department of Computer Science (UP-DCS) Diliman Campus.

Maliwanag and his team, composed of Mariah Strella Indrinal and Marynyriene Silvestre, created an application that uses voice recognition. Their research title is “Vox-Grid: A Mobile Voice Verification System.”

Meanwhile, Lat and his partners Kevin Atienza and Rod Xavier Bondoc wrote a research paper entitled “SOUL System: Secure Online USB Login System.”

This is the first time that the Philippines will be joining the annual conference, with the theme of “IT Security for the Next Generation”. They will be vying for cash prizes ranging from US$750 up to US$1,500.

A total of 52 papers were submitted to this year’s conference, five of which were from the Philippines. In Southeast Asia, only Malaysia and the Philippines made it to the Asia Pacific & MEA Cup 2012.

Kaspersky Lab Asia Pacific Managing Director Harry Cheung is very pleased that students from the Asia Pacific region are becoming more active participants in the company’s goal of involving the young minds in battling cybercrime through this conference.

“I congratulate all the lucky participants to the Asia Pacific and MEA Cup this year! This conference is a very good platform for our young, brilliant minds from the Asia Pacific region to cultivate their knowledge in understanding Internet security and eventually contribute innovative ways to improve cyber security,” Cheung said.

“I hope to see more of them join and really make the cut in the international round,” Cheung said.

All submitted research papers had been evaluated by the education programs committee, which is made up of professors from the United Kingdom, Hong Kong and Australia as well as key members of Kaspersky Lab’s Global Research and Analysis Team (GReAT) Michael Molsner, Head of Research Center in Japan and Stefan Tanase, Senior Security Researcher based in Romania.

At Kaspersky Lab Asia Pacific & MEA Cup 2012, the selected 15 research papers will be evaluated again through presentation and questions of the program committee members. Each student will be allocated 10 minutes presentation and five minutes Q&A by the program committee members.

Selection will be based on scientific and methodological level of work, the social importance of the topic presented, presentation skills & design, ability to answer queries from the panel, as well as practical and innovation value.

Three research papers will be selected in this round which will participate in the 2012 Kaspersky International Cup to be held at Delft Technical University in the Netherlands on May 11-13, 2012.

For further information about the company, visit http://www.kaspersky.com.

Samsung, Kaspersky Lab partnership to benefit corporate Android users in the Philippines

Fei — Wed, 29 Feb 2012 23:00:19 +0000

March 1, 2012

Kaspersky Lab, a leading developer of secure content and threat management solutions, announced a global partnership with Samsung to strengthen security among Samsung’s Android users to strengthen security among Samsung’s Android users to address the need of protection of the growing number of Android users in the Philippines from malicious software and other forms of cybercrime.

Kaspersky recently revealed that it has become a Golden Member of the Samsung Enterprises Alliance Program, a comprehensive program designed to provide differentiated benefits for sales, marketing and solutions development. Under this program, the systems integrator partners as well as the domestic and global independent software vendors such as Kaspersky could create new profit models through Samsung Electronics’ mobile solution business.

The program provides Kaspersky Lab an opportunity to supply Samsung Electronics products with its Kaspersky Mobile Security and Kaspersky Tablet Security. In particular, the application will be made available to private and corporate Android-based Samsung mobile devices.

The Kaspersky Mobile Security and Kaspersky Tablet Security are yet to be launched in the SEA region, but both products are available online.

Under another part of the program, Kaspersky Lab is to provide consumer security software to protect Samsung PCs, notebooks and netbooks running on Windows OS. For corporate products Kaspersky Lab is to supply Kaspersky Endpoint Security, different business models, and a flexible approach to achieve the best security for each corporate customer.

Kaspersky Lab ensures that their solutions for Samsung mobile devices are highest class of security based on advanced protection against privacy violation, device loss or theft, annoying calls and messages, as well as malicious software.

Commenting on the new partnership, Garry Kondakov, Chief Sales and Marketing Officer of Kaspersky Lab, says: “We are very glad to begin the new global partnership with Samsung Electronics and to take our cooperation to a whole new level. Our membership in the Samsung Enterprise Alliance Program will help us further develop our mobile solutions based on Samsung’s vast experience, and also expand the distribution of our solutions through Samsung Electronics’ global network, improving our market positions on a global scale.”

Suk Ling Gun, Corporate Sales Director APAC, Kaspersky Lab, said that the partnership will strengthen the company’s presence in the smartphone and tablet PC market, such as in the Philippines, which continues to be a growth market for such devices.

“Filipinos are becoming more technologically savvy and are purchasing more feature-rich, Internet-enabled phones and devices. Such demand can also be noticed by cybercriminals who continue to target people for their confidential information, especially among corporate users whose information are stored in their smartphones and tablet PCs,” she noted.

Gun also said that having Kaspersky Lab in their devices adds an extra layer of protection against cybercriminals and provides a high level of security for better customer experience.

“Working with Samsung Electronics has opened opportunities for us, especially in educating people on the risks of cybercrime through digital means. The Philippines will be an important market for Android-based devices in the coming years and we see more growth as we work with Samsung Electronics,” Gun said.

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately-held Internet Security company, providing comprehensive protection against all forms of IT threats such as viruses, spyware, hackers and spam. The company’s products provide in-depth computer defense for more than 300 million systems around the globe, including home and mobile users, small and medium-sized businesses and large enterprises. Kaspersky technology is also incorporated inside the products and services of nearly 100 industry-leading IT, networking, communications and applications solution vendors.

For further information about the company, please visit http://www.kaspersky.com.

For more information, visit www.samsung.com.

Kaspersky Lab Whitelisting tests confirmed by independent analyst

Fei — Tue, 24 Jan 2012 22:59:41 +0000

January 25, 2012

The unique whitelisting technology by leading developer of secure content and threat management solutions Kaspersky Lab has passed its first, independent testing by a third party research institution, affirming its capabilities in improving security.

The testing conducted recently by research laboratory West Coast Labs used a new testing methodology in analyzing and assessing the effectiveness of whitelisting technology, an industry first and is expected to become universally adopted.

The successful test of Kaspersky Lab’s whitelisting technology also earned it the West Coast Labs Platinum Product Award after receiving an overall result of 94% for corporate software and 93% for consumer software.

Parameters in the testing process included 1) coverage of clean software (the number of legitimate programs Kaspersky Lab knows about); 2) the completeness of the database (the quantity and quality of data on all files); 3) the speed of a response to an inquiry; 4) the correctness of information supplied from the database; 5) database update speed; 6) data processing speed; and 7) the number of false positives/negatives.

Other functions and services that come as part of the whole whitelisting package were also tested. These include adequacy of the information contained in the database to enable a full-fledged “default deny” regime was also analyzed. “Default deny” scenario is when the software security is preventing any program from being run that is not clearly legitimate or appropriate and is thus allowed. It is more secure form of protection than the more widely-used “default allow” scenario when all programs are allowed apart from known malicious and inappropriate.

Kaspersky Lab’s whitelisting technology utilizes an online community of Kaspersky users who can provide appropriate information regarding the legitimacy of installed software. Kaspersky’s online ecosystem builds the list of all these legitimate applications and spreads them to other users who would know if their installed software is secure.

Whitelisting also minimizes “false positives” where legitimate software are banned because of some strange behavior, such as software updates. The goal is to give legitimate software clean bill of health to lessen the need for them to be scanned thoroughly.

Software that is included in the Whitelist is not required to be regularly scanned by Kaspersky Lab’s security software in each PC. This minimizes the need for the PC itself to utilize resources that would have otherwise been used in operations.

Corporate entities, in particular, would benefit from having a whitelisting technology to minimize system requirements needed to secure their IT infrastructure.

After the results came out, Vladimir Zapolyansky, Head of Independent Software Vendor Relationships at Kaspersky Lab, says that the West Coast Labs’ seal of approval validated the company’s goals of creating the best security software in the market. Kaspersky Lab’s whitelisting technology also creates a new model of protection against ever-increasing threats.

“We are confident in our approach to whitelisting, and were not afraid to have our technology tested, unlike some of our competitors. Now, both existing and potential users of our solutions who may be curious about the true worth of whitelisting and Application Control technologies have access to this detailed analysis of the operation of Kaspersky Lab’s database of legitimate software – analysis that objectively proves its effectiveness,” according to Zapolyansky.

For further information about the company, visit http://www.kaspersky.com

Kaspersky Lab Teams Up with Tag Heuer

Fei — Sun, 04 Dec 2011 23:00:28 +0000

December 5, 2011

Kaspersky Lab has announced a new collaboration with TAG Heuer, the renowned Swiss luxury watchmaker, which, in cooperation with ModeLabs Manufacture, has launched its first luxury touchscreen smartphone TAG Heuer LINK, operating on Android.

For this unique smartphone, Kaspersky Lab has developed TAG Heuer Mobile Security (Powered by Kaspersky). This user-friendly and reliable security software provides complex malware and data protection.

Commenting on the new partnership, Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, said, “We are happy to start our partnership with and to provide protection for users of TAG Heuer smartphones. Kaspersky Lab and TAG Heuer have common core values, such as best-of-breed reliability, cutting edge technology, and constant innovation. TAG Heuer Mobile Security is our first project in the luxury segment, and we are looking forward to further develop our partnership with TAG Heuer.”

The new TAG Heuer LINK phone is the ultimate communication tool. Swiss-engineered, French-built, and equipped with upgradeable Google Android software, it combines elegance, reliability and unparalleled access and connectivity. Luxuriously crafted and detailed, the TAG Heuer LINK incorporates the most prestigious materials and advanced components in the watchmaking and automotive worlds, including black PVD, diamonds and rose gold. The mirror-polished and fine-brushed stainless steel is premium grade surgical 316L, corrosion-resistant and hypoallergenic.

TAG Heuer Mobile Security (Powered by Kaspersky) provides top grade protection from network attacks, malware targeting mobile platforms, and SMS spam. On top of that, it allows users to locate a lost or stolen smartphone using the GPS Find function, store all digital assets in encrypted folders, and remotely block or wipe the smartphone if it is lost or stolen. With Kaspersky Lab’s Mobile Security, the owner of a LINK smartphone is able to efficiently manage private contacts, filter out annoying calls and texts by assigning contacts to black lists and white lists, restrict children’s calls and texts, and monitor the phone’s whereabouts using GPS Find.

For further information, visit http://www.kaspersky.com.

Kaspersky Lab sets sights on software security growth in Philippines’ enterprise sector

Fei — Sun, 04 Dec 2011 22:59:11 +0000

December 5, 2011

The enterprise sector in the Philippines has been seeing an alarming number of malicious attacks in their networks. However, many do not report this due to fears or repercussions from business partners and customers that they are not entirely secure against hackers and creators of malware.

Statistics on malicious attacks in the Philippines are hard to come by, largely because many victims do not report these attacks to authorities. Even more alarming is that some victims do not know that they are already being attacked, with their valuable company information being passed on undetected to cybercriminals.

Concerns of cybercrime in the Philippines
Suk Ling Gun, Corporate Sales Director for Kaspersky Lab Asia says that any country in Asia that has a population of Internet users will always be targets for cybercriminals. The Philippines is no exception and Filipino companies are always under threat of having their most important data stolen.

Citing their previous reports, Gun says there is at least one malicious program appearing every 1.2 seconds compared to just five malicious programs every 2 minutes. Citing another Kaspersky Lab survey, she says 96% of companies were faced by external cyber threats, 45% of companies reported a growth in the number of threats. Of this survey, 46% of companies have lost critical data due to these attacks.

“These problems are real and they could get worse especially when businesses expand their operations. They become more enticing targets to hackers,” says Gun.

A report by the Philippine National Police-Anti-Transnational and Cyber Crime Division (PNP-ATCCD) showed an alarming number of cyberattacks on individuals, corporations and even government offices. These attacks vary from simple website defacement, to fraud using Facebook and Twitter, identity theft of credit cards, and even harassment through email or mobile phones.

According to PNP-ATCCD Police Inspector Felizardo Eubra, Jr., there were 109 cases of various forms of digital attacks as of the end of November 2011, up from just 72 in 2010. He stresses that these numbers are only the ones that have been reported either because the victims fail to do so or are not even aware that they are being victimized.

“There are still that go unreported. This is just the tip of the iceberg. No one is safe from these types of attacks, more so if you’re a company because attackers will target those that they see as more lucrative especially because of the information they keep,” according to Eubra.

With the scope of security problems, the company is bringing its Kaspersky Endpoint Security version 8.0 in the Philippines, the first time that Kaspersky Lab is bringing this particular enterprise level product and service to the country.

Kaspersky Lab Senior Product Marketing Manager Peter Beardmore highlights the key components of Kaspersky Endpoint Security 8. He points to Kaspersky’s exclusive Four-Point Approach that can classify, control, enforce and inspect applications that are running on a corporate network. This ensures that all activities in different applications remain safe.

Among its notable features are its Application Activity Monitor that classifies software as trusted, low restriction, high restriction and un-trusted. Application Startup Control sets the policies on allowing application to run during startup. Application Privilege Control enforces rules on specific functions of applications installed in the network, which ensures that certain software cannot be exploited by infection of malware.

Kaspersky Endpoint Security 8 also has Vulnerability Monitoring that checks for applications for potential exploits and alert the IT manager of potential threats. It also has a deep, granular Device Control that expands the protection of IT infrastructure from outside threats launched through USB drives and other attached devices.

Finally, the Kaspersky Endpoint Security 8 also has an effective Web Control function wherein certain websites can be restricted from being accessed during certain periods or even permanently. This allows the company to lessen the consumption of bandwidth in their corporate network. It also uses the cloud-based Kaspersky Security Network that provides 24/7 protection through monitoring and reporting of security concerns by a global network of monitoring facilities.

For further information, visit http://www.kaspersky.com.

Kaspersky Lab’s New Endpoint Protection Solution Makes Businesses Ready for the Next Cyber Threat

Fei — Tue, 22 Nov 2011 13:58:43 +0000

November 22, 2011

Kaspersky Lab, a leading developer of secure content and threat management solutions, announces today the release of Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center. The new endpoint protection solution and comprehensive management console are designed to keep businesses ahead of emerging threats with intelligent security solutions from the leading anti-malware experts at Kaspersky Lab. “With this new release we deliver a comprehensive Endpoint Protection Platform that consists of seamlessly integrated security modules. We have merged real-time, cloud-assisted protection with intelligent proactive endpoint protection, and have created a compelling security center that will help companies of all sizes protect themselves against emerging IT threats, including targeted attacks, and thus improve their productivity,” said Suk Ling Gun, corporate sales director for Asia Pacific of Kaspersky Lab. Deep anti-malware protection, based on Kaspersky Lab’s strong expertise and balanced global footprint, is supplemented with a broad set of IT security features, including Application Control, Web Filtering, and Device Control. Kaspersky Endpoint Security 8 for Windows integrates with a cloud-based security intelligence system, which provides real-time updates for new and unknown threats and support for application whitelisting. The efficiency of Kaspersky Endpoint Security 8 for Windows has been proven in the first independent testing, conducted by AV-Test.org, the reputable German independent research center. A total of seven corporate security solutions from different vendors were evaluated in the testing, and Kaspersky Endpoint Security 8 for Windows was awarded the highest number of points. Specifically, Kaspersky Lab’s corporate solution successfully detected 100% of widespread malware samples, blocked all zero-day malware attacks, and returned the best result in the detection and removal of active malware from an infected machine. Detailed results of Kaspersky Endpoint Security 8 for Windows in the independent testing can be found at AV-Test.org. Kaspersky Endpoint Security 8 for Windows is managed by a newly designed Kaspersky Security Center, which succeeds the Kaspersky Administration Kit. This new management console presents many new features for comprehensive control and manageability, supports physical as well as virtual environments, and is scalable to fit the needs growing businesses.

According to a recent Kaspersky Lab survey, in the past 12 months at least one IT Security incident was experienced by 91% of the companies surveyed. Almost a third of company representatives questioned admitted that they had incurred sensitive data loss as a result of malware infection. Though malware attacks are the most common type of business security threat, only 70% of the companies surveyed have fully implemented anti-malware protection; 3% have no anti-malware protection at all. The list of the most immediate current threats also includes potentially dangerous software vulnerabilities, network attacks (including targeted and DDos attacks), phishing, and spam. Large companies in developing markets are those most frequently targeted by cyber criminals. Besides protection from malware, most companies also actively use client firewalls as well as tools for vulnerability checks and updating software. But for protection of corporate infrastructure to be fully effective a security policy covering all endpoint devices needs to be enforced too. Control over programs used, network activity, and external devices can reduce the risk of unauthorized access to sensitive data and thus prevent possible financial losses.
The new versions of Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center provide intelligent protection by seamlessly harnessing new and improved features.

Kaspersky Lab warns of new Stuxnet-like malware called “Duqu”

Fei — Mon, 14 Nov 2011 22:59:00 +0000

November 15, 2011

Kaspersky Lab, a leading developer of secure content and threat management solutions, has released a warning of a new malicious program with similarities to the Stuxnet worm, which attacks computers that control industrial equipment, specifically those that are used for nuclear power plants.

Kaspersky Lab engineers identified the new worm as “Duqu,” first detected in September 2011 after a user from Hungary uploaded components of Duqu in a malware-analyzing website. Kaspersky Lab engineers then found other components being uploaded, which allowed them to compare the new worm to Stuxnet.

Though there are some overall similarities between the two worms Duqu and Stuxnet, there are also significant differences.

Shortly after several variants of Duqu had been found, the Kaspersky Lab experts started to track in real time infection attempts by the worm among users of the cloud-based Kaspersky Security Network (KSN). What was surprising was that during the first 24 hours, only one system had been infected by the worm.

Stuxnet, on the other hand, infected tens of thousands of systems all around the world; it is assumed that it had, however, a single ultimate target – industrial control systems used in Iran’s nuclear programs. The ultimate target of Duqu remains alarmingly unknown.

Analysis made by Kaspersky Lab experts showed that Duqu apparently possesses the malicious functionality of gathering information about the infected machine and also tracks key strokes made on its keyboard.

Alexander Gostev, chief security expert at Kaspersky Lab notes that despite the similarities to Stuxnet, they are still unable to find out Duqu’s real target. While Stuxnet targeted thousands of PCs that could control industrial equipment, Duqu only attacked one so far.

“We’ve not found any instances of infections of computers of our clients with the Trojan-Spy module of Duqu. This means that Duqu may be aimed at a small quantity of specific targets, and different modules may be used to target each of them,” Gostev said.

Gostev said that Kaspersky Lab is aiming to solve is the initial method of penetration of Duqu into a system.

“One of the yet-to-be-solved mysteries of Duqu is its initial method of penetration into a system: the installer or “dropper” needed for this has not yet been found. The hunt for this module of Duqu continues, and it is specifically this module that will help us in finding the ultimate target of this malicious program,”he said.

Stuxnet was among the most infamous malware found so far as it was claimed to target specific industrial equipment that operated nuclear power plants, particularly those in Iran. It was considered a major weapon for cyber warfare.

For further information about the company, visit http://www.kaspersky.com