Denis Makrushin

IoC

10/07/18 |Research # , , , , , ,

Ошибки “умной” медицины

Ошибки "умной" медицины

Как показали многочисленные исследования, “умные” дома, “умные” автомобили и “умные” города, не только приносят несомненную пользу человеку в быту, но и зачастую создают угрозу его безопасности. Речь не только об утечке персональных данных – достаточно представить, что в какой-то момент “умный” холодильник под воздействием третьей силы начнет воспринимать просроченные продукты как свежие. Или вот еще один, более печальный сценарий: на высокой скорости система “умного” автомобиля неожиданно для хозяина поворачивает руль вправо… Continue reading

0 likes no responses
05/07/18 |Research # , , , , ,

The Mistakes of Smart Medicine

As numerous studies have shown, smart houses, smart cars, and smart cities are undeniably beneficial to people in everyday life, but quite often can become a threat to their safety. It is not only a matter of personal data leakage. Just imagine that, for example, a smart refrigerator, affected by a third party at one point or another, would begin identifying expired products as fresh. There is yet another more dismal scenario: the system of a smart car turns the vehicle to the right at high speed, catching the driver unaware… Continue reading

0 likes no responses
23/04/18 |Research # , , , ,

Honeypots and the Internet of Things

According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.

The article is prepared jointly Vladimir KuskovMikhail KuzinYaroslav ShmelevIgor Grachev especially for Securelist.com

Continue reading

0 likes no responses
19/04/18 |Research # , , , ,

Ловушки «интернета вещей»: Анализ данных, собранных на IoT-ловушках

Материал подготовлен совместно с  специально для Securelist.ru

По данным Gartner в мире сейчас насчитывается более 6 миллиардов «умных» устройств. Такое количество потенциально уязвимых гаджетов не осталось незамеченным злоумышленниками: по данным на май 2017 года в коллекции «Лаборатории Касперского» находилось несколько тысяч различных образцов вредоносного ПО для «умных» устройств, причем около половины из них были добавлены в 2017 году.  Continue reading

0 likes no responses
09/01/17 |Research # , , , ,

Is Mirai Really as Black as It’s Being Painted?

Is Mirai Really as Black as It's Being Painted?

The Mirai botnet, which is made up of IoT devices and which was involved in DDoS attacks whose scale broke all possible records, causing denial of service across an entire region, has been extensively covered by the mass media. Given that the botnet’s source code has been made publicly available and that the Internet of Things trend is on the rise, no decline in IoT botnet activity should be expected in the near future.

Continue reading

0 likes no responses
09/11/16 |Blog # , , , , ,

IT threat evolution Q3 2016. Statistics

0 likes no responses
05/09/16 |Blog # , , ,

Talent Lab and Indicators of Compromise

The data obtained by Honeypot sensors requires manual analysis and interpretation, and in most cases cannot be used in automated tools to identify the threat in other segments of the network. It is necessary to create and demonstrate a set of data that can be used as indicators of compromise (IoC) and which is received in an automated mode. The use of this data by other automated tools should not lead to false positives.
Continue reading

0 likes no responses
28/08/15 |Research # , , ,

Показатели компрометации как средство снижения рисков

Показатели компрометации как средство снижения рисков

Владельцам IT-инфраструктур необходимо регулярно проверять свои ресурсы на наличие вредоносных компонентов. Заражение может произойти, например, в результате эксплуатации злоумышленниками уязвимостей «нулевого дня». В таких случаях о новой угрозе еще могут не знать разработчики средств защиты, установленных в информационной системе. В то же время эксперты уже могут вести расследования связанных с новой угрозой инцидентов. Более того, могут быть опубликованы некоторые результаты этих расследований. Continue reading

0 likes no responses
20/08/15 |Research # , , , ,

Indicators of compromise as a way to reduce risk

Indicators of compromise as a way to reduce risk

Infrastructure owners must regularly check their resources for the presence of malicious components. One of the ways in which a resource may become infected is as a result of “zero-day” vulnerability exploitation by cybercriminals. In this case, the developers of security tools used to protect the information system may be as yet unaware of the new threat. At the same time, experts may be investigating incidents related to the new threat. Moreover, some findings of these investigations may already be publicly available. Continue reading

0 likes no responses
Twitter

New friends, new vibes: 6 Cybersecurity Conferences you’ve never been to.
@nullcon @HackerHalted @vangelis_at_POC @TheSAS2018 @GeekPwn @NOPcon https://t.co/SVFF9e0eRE

More than 120.000 vulnerable IoT-devices (DVR/NVR/CCTV-cameras) are available online #CVE20186214 #CVE20186215 #CVE20186216

Nice read from @difezza - The mistakes of smart #medicine https://t.co/QDn7pt6yXb #IoT

Vulnerabilities in firmware of major Chinese DVR/NVR vendor:
#CVE20186214 (web-backdoor)
#CVE20186215 (unauth web-access to video stream)
#CVE20186216 (telnet-backdoor)
Not sure about public report, cause vendor has no roadmap to fix it, and tons of white-label devices use it.

First time in London and first time with the talk at @Infosecurity: https://t.co/p1HRemc1Vp

Recent Comments
- Sergey to Погружение в даркнет: Снифаем выходную ноду Tor и анализируем получившийся контент
лучше заходиииииииить через тор онлайн http://torproject.online/,...
- Denis Makrushin to The problems of heterogeneous means of protection
Of course!...
- K. Olbert to The problems of heterogeneous means of protection
Insightful diagram, Denis. Would you mind if I use it in a presentation, with credit, of course?...