Air-Fi is another path to stealing data from an isolated computer

To keep secret information beyond the reach of attackers, organizations place it on devices that are not connected to a local network, let alone the Internet — so-called air-gapped computers. However safe that may sound, infecting such a machine or a network segment is actually not that difficult (recall the…Read More

Hack the lights: The Italian Job in terms of cybersecurity

Protagonists, or their opponents, taking control of a city’s transportation management system is standard movie fare. The characters’ aim is to create either a traffic jam for pursuers or a getaway route for themselves. Hackers, Live Free or Die Hard and Taxi are a tiny sample of the artistic incarnations…Read More

Protecting virtual desktops

The mass transition of office employees to remote work has sparked the interest of companies in related technologies and security solutions. Many organizations have begun migrating their work processes to Virtual Desktop Infrastructure (VDI) environments. Using VDI enables employees to connect to corporate resources from any device (either remote or…Read More

Windows XP source code leak: Tips for businesses

In late September, news broke that the source code for Windows XP had leaked online. A torrent file for downloading the operating system code was published on an anonymous forum, and it spread webwide quickly. Although Web analytics service StatCounter estimates that fewer than 1% of all computers actually run…Read More

Training by security console

The notable shortage of cybersecurity specialists on the market in recent years has become particularly problematic in 2020. The pandemic, which has led to a widespread shift to remote working, has also highlighted the need to change security strategies at many companies. Even small firms have realized that the skills…Read More

Collaboration tools from a security perspective

For many companies, the mass transition of staff to remote working created a need for new tools. Years of fine-tuning employee interaction mechanisms went down the drain overnight as IT departments scrambled to deploy market-ready collaboration solutions. These solutions aroused no less interest among cybercriminals, who smelled an opportunity to…Read More

MontysThree: Industrial cyberspy

Our experts have found traces of activity of a new cybercriminal group that spies on industrial enterprises. The crooks are carrying out targeted attacks, using a tool that our researchers call MontysThree, looking for documents on victims’ computers. The group appears to have been active since at least as far…Read More

Malware delivery through UEFI bootkit with MosaicRegressor

Recently, our researchers uncovered a sophisticated targeted attack aimed at diplomatic institutions and NGOs in Asia, Europe, and Africa. As far as we can determine, all of the victims were connected to North Korea in one way or another, whether through nonprofit activity or diplomatic ties. The attackers used a…Read More

The Pied Piper of Hamelin and cyberweapons

Contrary to popular opinion, fairy tales and folk legends were not invented as entertainment, but to teach children (and adults) important lessons in an easy-to-understand form. Since time immemorial, storytellers have woven cybersecurity tips into their tales, hoping to make the Internet (which they foresaw) a safer place. For example,…Read More