Kaspersky has uncovered a previously unknown IIS module (a piece of software aimed at providing additional features to Microsoft web servers) they have since dubbed Owowa that steals credentials entered by a user when logging into Outlook Web Access (OWA); it also allows the attackers to gain remote control access to the underlying server. Compiled sometime between late 2020 and April 2021, this module is a stealthy theft method that is difficult to detect with network monitoring. It’s also resistant to software updates from Exchange, meaning it can stay hidden on a device for a long time.
Incident response (IR) is when companies call in a team in the aftermath of a breach to limit the damage and prevent an attack from spreading. At Kaspersky, IR is handled by the Global Response Emergency Team (GERT) and is reserved for mid-size to large organizations. From January to November 2021, nearly every second security incident handled by GERT was connected to ransomware (nearly 50% of all IR requests)—an increase of nearly 12 percentage points when compared to 2020. This is among the most important findings from Kaspersky’s Story of the Year: Ransomware in the Headlines. Part of Kaspersky’s annual Security Bulletin series, which examines critical security trends over the past year, 2021’s Story of the Year takes an in-depth look at the current ransomware landscape and what to expect in 2022.
When compared to Q3 2020, the total number of Distributed Denial of Service (DDoS) attacks increased by nearly 24%, while the total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year. Some of the most notable targets were tools to fight the pandemic, government organizations, game developers, and well-known cybersecurity publications.
Kaspersky researchers have discovered an advanced Trojan, dubbed the BloodyStealer, sold on darknet forums and used to steal gamers’ accounts on popular gaming platforms such as Steam, Epic Games Store, and EA Origin. With features to avoid analysis and detection, a low subscription price, and some interesting capabilities, BloodyStealer is a prime example of the type of threat online gamers face. This, alongside an overview of the game-related products stolen and sold on the darknet, can be found in Kaspersky’s latest report on game-related data threats.
The number of users attacked with QakBot – a powerful banking Trojan, in the first seven months of 2021 grew by 65% in comparison to the same period in 2020 and reached 17,316 users worldwide, demonstrating that this threat is increasingly affecting internet users.
Kaspersky has achieved ‘Champion’ status, for the second consecutive year, in the 2021 Cybersecurity Leadership Matrix by Canalys, a renowned global technology market analyst firm with a distinct channel focus.
No More Ransom – the initiative started in 2016 by law enforcement and IT security companies to help victims of ransomware restore their files – turns five today. The anniversary is marked by more than 900 million US dollars of illegal profit prevented, and more than 6 million people downloading free decryption tools.