Latest news with #Kaspersky
Biz Bahrain
16 hours ago
- Biz Bahrain
Scan or Scam? Kaspersky experts warn of the risks hidden behind QR codes
In today's digital world, QR codes are placed on almost everything – from yogurt containers and restaurant menus to museum exhibits, and even utility bills and parking lots. People use them to open websites, download apps, collect loyalty program points, make payments and transfer money, and even for charity donations. The accessible and practical technology is convenient for many, including cybercriminals, who have already rolled out a variety of QR-based schemes. Kaspersky experts have identified the top security risks when scanning QR codes: • Phishing and redirection to malicious sites: QR codes can direct users to fraudulent websites designed to steal personal or financial information, such as passwords and credit card numbers. Attackers can impersonate legitimate sites, such as banks or streaming services, and trick users into entering their credentials. • Malware download: Some QR codes can trigger the download of malicious applications that compromise the security of the user's device, especially if it is not protected against unauthorized installation. • Payment fraud: During special events or sales periods like holiday sales, a fake QR code can redirect users to make payments to fraudulent accounts. • Unsafe automatic connections: A QR code can also automatically connect the user to Wi-Fi networks controlled by cyber attackers, allowing them to intercept their communications. 'QR codes are a fertile ground for potential manipulation, especially as they appear in various everyday contexts such as receipts, flyers, and signage. Attackers have nearly endless possibilities to exploit them. As these codes have already become an integral part of our daily lives, it is essential for users to know how to use them safely and responsibly,' says Seifallah Jedidi, Head of Consumer Channel for META at Kaspersky. In order to not fall for a scam when scanning a QR code, Kaspersky experts recommend: • Verify the source: Scan QR codes only from trusted and known sources. Avoid scanning codes in public places that may have been tampered with. • Check the URL: If you really need to scan a publicly available code, verify that the web address it directed you to is legitimate before taking any action on this website. • Don't share personal information: Avoid entering sensitive information if you're not completely sure of the origin of the QR code. • Protect your digital life: Install a cybersecurity solution with anti-phishing and anti-fraud protection, such as Kaspersky Premium, on all your devices; it will alert you to any danger timely.
Biz Bahrain
2 days ago
- Business
- Biz Bahrain
Kaspersky highlights top risks of Quantum Computing
Kaspersky is addressing one of the most debatable technological challenges of the coming decade: the rise of quantum computing and its potential impact on digital security. In this context, experts have identified the main quantum threats that demand immediate action from the cybersecurity community. As classical computers approach their physical limits, their performance growth is slowing — constraining progress in areas that depend on complex computation. At the same time, quantum computers, offering the potential to solve specific problems far faster than classical systems. For now, however, their practical use remains limited to narrow and experimental domains. Nevertheless, experts estimate that we may see a fully fault-tolerant quantum computer within the next decade — a development that could unlock significant advances, but also unleash a new era of cybersecurity threats. Supporting this urgency, Deloitte's 2024 Global Future of Cyber Survey reports that 83% of organizations are already assessing or taking steps to address quantum computing risks, demonstrating growing awareness and proactive strategies in the private sector. To better understand the scope of the evolving threat, Kaspersky has identified three of the most urgent quantum-related risks that demand action from the cybersecurity community: The top three risks Quantum computers could be used to compromise the traditional encryption methods that currently protect data in countless digital systems — posing a direct threat to global cybersecurity infrastructures. Threats include the interception and decoding of sensitive diplomatic, military, and financial communications, as well as the real-time decryption of private negotiations – something quantum systems could handle much faster than classical machines, turning secure conversations into open books. 1. Store now, decrypt later: the key threat of the coming years Threat actors are already harvesting encrypted data today, with the intention of decrypting it in the future once quantum capabilities advance. This 'store now, decrypt later' tactic could expose sensitive information years after it was originally transmitted — including diplomatic exchanges, financial transactions, and private communications. 2. Sabotage in blockchain and cryptocurrency Blockchain networks are not immune to quantum threats. Bitcoin's Elliptic Curve Digital Signature Algorithm (ECDSA), which relies on elliptic curve cryptography (ECC), is especially vulnerable. Potential risks include forging digital signatures, which threatens Bitcoin, Ethereum, and other cryptocurrencies; attacks on ECDSA that secure crypto wallets; and tampering with blockchain transaction history, undermining trust and integrity. 3. Quantum-resistant ransomware: a new front Looking ahead, developers and operators of advanced ransomware may begin adopting post-quantum cryptography to protect their own malicious payloads. So-called 'quantum-resistant' ransomware would be designed to resist decryption by both classical and quantum computers — potentially making recovery without paying a ransom nearly impossible. At present, quantum computing does not offer a way to decrypt files locked by current ransomware. Data protection and recovery still rely on traditional security solutions and collaboration among law enforcement agencies, quantum researchers, and international organizations. Building quantum-safe defenses Quantum computers are not yet a direct threat — but by the time they are, it may be too late to respond. Transitioning to post-quantum cryptography will take years. Preparations must begin today. The cybersecurity community, IT companies, and governments must coordinate to address the risks ahead. Policymakers should develop clear strategies to migrate to post-quantum algorithms. Businesses and researchers need to begin implementing new security standards now. 'The most critical risk lies not really in the future, but in the present: encrypted data with long-term value is already at risk from future decryption. The security decisions we make today will define the resilience of our digital infrastructure for decades. Governments, businesses, and infrastructure providers must begin adapting now, or risk systemic vulnerabilities that cannot be retroactively fixed', states Sergey Lozhkin, Head of Kaspersky Global Research & Analysis Team for META and APAC.
Zawya
2 days ago
- Business
- Zawya
Kaspersky highlights top risks of Quantum Computing
Kaspersky is addressing one of the most debatable technological challenges of the coming decade: the rise of quantum computing and its potential impact on digital security. In this context, experts have identified the main quantum threats that demand immediate action from the cybersecurity community. As classical computers approach their physical limits, their performance growth is slowing — constraining progress in areas that depend on complex computation. At the same time, quantum computers, offering the potential to solve specific problems far faster than classical systems. For now, however, their practical use remains limited to narrow and experimental domains. Nevertheless, experts estimate that we may see a fully fault-tolerant quantum computer within the next decade — a development that could unlock significant advances, but also unleash a new era of cybersecurity threats. Supporting this urgency, Deloitte's 2024 Global Future of Cyber Survey reports that 83% of organizations are already assessing or taking steps to address quantum computing risks, demonstrating growing awareness and proactive strategies in the private sector. To better understand the scope of the evolving threat, Kaspersky has identified three of the most urgent quantum-related risks that demand action from the cybersecurity community: The top three risks Quantum computers could be used to compromise the traditional encryption methods that currently protect data in countless digital systems — posing a direct threat to global cybersecurity infrastructures. Threats include the interception and decoding of sensitive diplomatic, military, and financial communications, as well as the real-time decryption of private negotiations – something quantum systems could handle much faster than classical machines, turning secure conversations into open books. 1. Store now, decrypt later: the key threat of the coming years Threat actors are already harvesting encrypted data today, with the intention of decrypting it in the future once quantum capabilities advance. This ' store now, decrypt later ' tactic could expose sensitive information years after it was originally transmitted — including diplomatic exchanges, financial transactions, and private communications. 2. Sabotage in blockchain and cryptocurrency Blockchain networks are not immune to quantum threats. Bitcoin's Elliptic Curve Digital Signature Algorithm (ECDSA), which relies on elliptic curve cryptography (ECC), is especially vulnerable. Potential risks include forging digital signatures, which threatens Bitcoin, Ethereum, and other cryptocurrencies; attacks on ECDSA that secure crypto wallets; and tampering with blockchain transaction history, undermining trust and integrity. 3. Quantum-resistant ransomware: a new front Looking ahead, developers and operators of advanced ransomware may begin adopting post-quantum cryptography to protect their own malicious payloads. So-called 'quantum-resistant' ransomware would be designed to resist decryption by both classical and quantum computers — potentially making recovery without paying a ransom nearly impossible. At present, quantum computing does not offer a way to decrypt files locked by current ransomware. Data protection and recovery still rely on traditional security solutions and collaboration among law enforcement agencies, quantum researchers, and international organizations. Building quantum-safe defenses Quantum computers are not yet a direct threat — but by the time they are, it may be too late to respond. Transitioning to post-quantum cryptography will take years. Preparations must begin today. The cybersecurity community, IT companies, and governments must coordinate to address the risks ahead. Policymakers should develop clear strategies to migrate to post-quantum algorithms. Businesses and researchers need to begin implementing new security standards now. 'The most critical risk lies not really in the future, but in the present: encrypted data with long-term value is already at risk from future decryption. The security decisions we make today will define the resilience of our digital infrastructure for decades. Governments, businesses, and infrastructure providers must begin adapting now, or risk systemic vulnerabilities that cannot be retroactively fixed', states Sergey Lozhkin, Head of Kaspersky Global Research & Analysis Team for META and APAC. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at
Zawya
3 days ago
- Zawya
Kaspersky uncovers $500K crypto heist through malicious packages
Kaspersky GReAT (Global Research and Analysis Team) experts have discovered open-source packages that download the Quasar backdoor and a stealer designed to exfiltrate cryptocurrency. The malicious packages are intended for the Cursor AI development environment, which is based on Visual Studio Code — a tool used for AI-assisted coding. The malicious open-source packages are extensions hosted in the Open VSX repository that claim to provide support for the Solidity programming language. However, in practice, they download and execute malicious code on users' devices. During an incident response, a blockchain developer from Russia reached out to Kaspersky after installing one of these fake extensions on his computer, which allowed attackers to steal approximately $500,000 worth of crypto assets. The threat actor behind these packages managed to deceive the developer by making the malicious package rank higher than the legitimate one. The attacker achieved this by artificially inflating the malicious package's downloads count to 54,000. Search results for the query 'solidity': the malicious extension (highlighted in red) and the legitimate one (highlighted in green). After installation, the victim gained no actual functionality from the extension. Instead, malicious ScreenConnect software was installed on the computer, granting threat actors remote access to the infected device. Using this access, they deployed the open-source Quasar backdoor along with a stealer that collects data from browsers, email clients, and crypto wallets. With these tools, the threat actors were able to obtain the developer's wallet seed phrases and subsequently steal cryptocurrency from the accounts. After the malicious extension downloaded by the developer was discovered and removed from the repository, the threat actor republished it and artificially inflated its installation count to a higher number – 2 million, compared to 61,000 for the legitimate package. The extension was removed from the platform following a request from Kaspersky. 'Spotting compromised open-source packages with the naked eye is becoming increasingly difficult. Threat actors are using increasingly creative tactics to deceive potential victims, even developers who have a strong understanding of cybersecurity risks — particularly those working in the blockchain development field. As we expect adversaries to continue targeting developers, it is recommended that even experienced IT professionals deploy dedicated security solutions to safeguard sensitive data and prevent financial losses,' commented Georgy Kucherin, Security Researcher with Kaspersky's Global Research and Analysis Team. The threat actor behind the attack published not only malicious Solidity extensions but also another NPM package, solsafe, which also downloads ScreenConnect. A few months earlier, three additional malicious Visual Studio Code extensions were released — solaibot, among-eth, and blankebesxstnion — all of them have already been removed from the repository. To stay safe, Kaspersky recommends: Use a solution for monitoring the used open-source components in order to detect the threats that might be hidden inside. If you suspect that a threat actor may have gained access to your company's infrastructure, we recommend using the Kaspersky Compromise Assessment service to uncover any past or ongoing attacks. Verify package maintainers: check the credibility of the maintainer or organization behind the package. Look for consistent version history, documentation, and an active issue tracker. Stay informed on emerging threats: subscribe to security bulletins and advisories related to the open-source ecosystem. The earlier you know about a threat, the faster you can respond. More information is available in a report on About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at
Associated Press
5 days ago
- Business
- Associated Press
Kaspersky Partners with SIS International Limited to Expand Distribution in Hong Kong
HONG KONG SAR - Media OutReach Newswire - 11 July 2025 - Global cybersecurity and digital privacy company Kaspersky is pleased to expand its distribution network in Hong Kong by partnering with SiS International Limited. This collaboration reinforces Kaspersky's commitment to providing accessible, cutting-edge cybersecurity solutions to businesses and individuals across the region. This strategic collaboration highlights SIS International Limited's dedication to delivering premium IT solutions and supporting the region's digital transformation. Through SiS International Limited, Kaspersky's industry-leading security products —including endpoint protection, threat intelligence, and advanced threat detection and response —will be more widely available, ensuring enhanced protection against evolving cyber threats. 'As cyber risks continue to grow, partnering with a trusted distributor like SIS International Limited allows us to strengthen our reach and better serve customers in Hong Kong,' Adrian Hia, Managing Director for Asia Pacific. 'This expansion ensures that businesses and individuals have seamless access to the cybersecurity tools they need to safeguard their digital environments.' General Manager of Kaspersky in Greater China Alvin Cheng said, 'We are honored that Kaspersky has signed an agency agreement with SIS International Limited. Currently, with the continuous escalation of cybersecurity challenges, Kaspersky's technologies and products possess significant advantages. By leveraging the resources of SIS International Limited, we are able to provide customized security services to enterprises in various sectors in Hong Kong, China. Through the joint efforts of both parties, we are certain to build a high-quality ecosystem, create more business opportunities, achieve a win-win situation, and drive the development of the industry.' 'We are deeply honored to be appointed as Kaspersky's official distributor in Hong Kong,' said Raymond Au, general manager at SiS International Limited. 'This partnership aligns seamlessly with our mission to provide cutting-edge IT solutions and enhance cybersecurity for our valued clients. We are committed to working closely with Kaspersky to deliver advanced security solutions tailored to the unique needs of the Hong Kong market.' By joining forces with SIS International Limited, Kaspersky is enhancing product availability, customer support, and cybersecurity resilience across Hong Kong. Clients can expect greater convenience and improved service quality, reinforcing the region's defenses against modern cyber threats. This collaboration comes at a pivotal time when cybersecurity is of paramount importance, as businesses and individuals face increasingly sophisticated cyber threats. By joining forces, Kaspersky and SiS International Limited are committed to fostering a secure digital environment and empowering organizations to thrive in the digital era. For more information, please contact: Joe Lam, channel director, Kaspersky Hong Kong Email: [email protected] Website: Hashtag: #Kaspersky The issuer is solely responsible for the content of this announcement. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at About SIS International Limited SiS International Limited is one of the largest distributors of IT solutions across Asian countries. With over 30 years in the distribution business, SiS has managed to build long-term and trusting relationships with vendors and channel partners. As an experienced distributor, SiS International Limited provides a wide variety of products and offers professional technical services. By delivering business solutions to our customers, we assist in successfully proliferating their businesses.
