
Antivirus protection

Protecting computer systems from malware


Top 10 incident response mistakes

Reading time 9 min
Views 1.1K

Imagine someone withdrew money from a company's account at night. The next morning panic breaks out, leading to yet more problems. The IT department can reinstall a compromised system from scratch or restore it from backup. Reinstalling from scratch will wipe out all traces left by the attackers, and external investigators will have to search for clues in other systems. Restoring from backup carries the risk of accidentally reinstating a compromised image. In this paper, we will describe common mistakes that experts make when responding to security incidents.


Kaspersky Removed an Important File, What To Do?

Reading time 11 min
Views 4.7K
Read this article to find out what to do if an antivirus removed important files and how to recover them. What is quarantine, and how do you configure exclusions for an antivirus? Learn more about the causes of data loss and the effective methods available to restore missing user files.


The hunt for vulnerability: executing arbitrary code on NVIDIA GeForce NOW virtual machines

Reading time 5 min
Views 6.6K

Introduction


Against the backdrop of the coronavirus pandemic, the demand for cloud gaming services has noticeably increased. These services provide computing power to launch video games and stream gameplay to user devices in real-time. The most obvious advantage of this gaming type is that gamers do not need to have high-end hardware. An inexpensive computer is enough to run the client, spending time in self-isolation while the remote server carries out all calculations.

NVIDIA GeForce NOW is one of these cloud-based game streaming services. According to Google Trends, worldwide search queries for GeForce NOW peaked in February 2020. This correlates with the beginning of quarantine restrictions in many Asian, European, and North and South American countries, as well as other world regions. At the same time in Russia, where the self-isolation regime began in March, we see a similar picture with a corresponding delay.

Given the high interest in GeForce NOW, we decided to explore this service from an information security standpoint.

EvilParcel vulnerabilities analysis

Reading time 8 min
Views 6.2K

Introduction


In mid-April, we published news about the Android.InfectionAds.1 trojan, which exploited several critical vulnerabilities in Android. One of them, CVE-2017-13156 (also known as Janus), allows malware to infect APK files without damaging the digital signature. The other one is CVE-2017-13315. It gives the trojan extended privileges, so that it can install and uninstall applications independently of the user. A detailed analysis of Android.InfectionAds.1 is available in our virus library; while we're here, we will touch upon the CVE-2017-13315 vulnerability and see what it does.

How to prevent targeted cyber attacks? 10 best network sandboxes

Reading time 10 min
Views 3K


Targeted attacks are the most dangerous among the multitude of modern cyber threats. They are also known as APT (an abbreviation which stands for Advanced Persistent Threat). These are not viruses that can accidentally get into a computer due to a user's carelessness. Nor are they attempts to spoof the address of a popular site in order to trick credulous users out of their billing information. Targeted cyber attacks are prepared and thought out carefully and pose a particular threat.
