You can never have too many awards. Especially Euro-awards!

Hi folks – from Austria!…

But I wasn’t here to just look out of windows at the dreary Euro-weather. I was here on business – lots of it; first and foremost – to personally receive this! ->

…For, when your company is awarded none other than “Product of the Year”, by none other than AV-Comparatives, not getting yourself down to Tirol to receive it in person is simply out of the question!…

Read on…

Simply the best! (As if you needed confirmation.)

Ladies and gents, girls and boys!

Here’s something that needs celebrating (to brighten up these dull and dreary wintry days). The independent testing lab AV-Comparatives has released its Summary Report 2023 in which it “highlights the high-scoring [consumer anti-virus] products” it tested throughout last year. A total of 16 security solutions were rigorously put through their paces in several different tests – including of their ability to protect against malware and advanced threats, of performance (low-system impact), absence of false alarms, and so on and so forth. And out of all 16 there was only one winner – the only product that secured top marks in all 16 of the tests. Can you guess who?! Ok, it’s hardly a toughie since it’s me who’s telling you, but… yes: it was our Kaspersky Standard – named Product of the Year 2023! Hurray!

Ooh – that’ll go nicely in our shiny awards cabinet here at HQ. Oh – wait: is there any room left?!

What’s especially satisfying is that the testers heaped praise not only on the product’s technical capabilities, but also its interface. So it wasn’t for nothing we added plenty more top-notch functionality while seriously overhauling how it all looks. Nice.

Btw – for more than two decades already we’ve been constantly under AV-Comparatives’ microscope – unlike some of our competitors who only select the tests they’d do well in. Which brings me on to another win for us: we’ve garnered the most awards from AV-Comparatives out of all tested vendors across various categories – totaling a full 57 awards (two of which were for low impact on system performance)!

But wait. There’s yet more good news!…

Read on…

Flickr photostream

  • KLHQ
  • KLHQ
  • KLHQ
  • KLHQ

Instagram photostream

A Matter of Triangulation.

Hi all,

I’ve some big news about a cyber-incident we’ve uncovered…

Our experts have discovered an extremely complex, professional targeted cyberattack that uses Apple’s mobile devices. The purpose of the attack is the inconspicuous placing of spyware into the iPhones of employees of at least our company – both middle and top management.

The attack is carried out using an invisible iMessage with a malicious attachment, which, using a number of vulnerabilities in the iOS operating system, is executed on a device and installs spyware. The deployment of the spyware is completely hidden and requires no action from the user. The spyware they quietly transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation, and data about a number of other activities of the owner of the infected device.

Despite the attack being carried out as discreetly as possible, the infection was detected by the Kaspersky Unified Monitoring and Analysis Platform (KUMA) – a native SIEM solution for security information and event management; the system detected an anomaly in our network coming from Apple devices. Further investigation by our team showed that several dozen iPhones of senior employees were infected with new, extremely technologically sophisticated spyware we’ve dubbed “Triangulation”.

Read on…

Enter your email address to subscribe to this blog

Here’s how we should approach artificial intelligence.

I’m a bit tired by now of all the AI news, but I guess I’ll have to put up with it a bit longer, for it’s sure to continue to be talked about non-stop for at least another year or two. Not that AI will then stop developing, of course; it’s just that journalists, bloggers, TikTokers, Tweeters and other talking heads out there will eventually tire of the topic. But for now their zeal is fueled not only by the tech giants, but governments as well: the UK’s planning on introducing three-way AI regulation; China’s put draft AI legislation up for a public debate; the U.S. is calling for “algorithmic accountability“; the EU is discussing but not yet passing draft laws on AI, and so on and so forth. Lots of plans for the future, but, to date, the creation and use of AI systems haven’t been limited in any way whatsoever; however, it looks like that’s going to change soon.

Plainly a debatable matter is, of course, the following: do we need government regulation of AI at all? If we do — why, and what should it look like?

Read on…

There’s the famous inflation-indicating “basket of goods”. Much better – the “K basket of goods”! Another annual review…

There’s no stopping – not even a slowing down of – the passing of time, no matter how much we might want it. So we don’t waste… time, energy and nerves on fighting the inevitable. But what do we do instead? Well, I reckon that if you pump the time you have on the planet with meaningful and useful goals, events, achievements, excitement, and assorted other positive, busy “content” (though I do so dislike that term:), then said time we have will leave two-dimensional linearity and inevitability and blossom into a multi-dimensional world of energy and vigor to give life meaning. Yep – you know me: always positive – no matter what )…

Routine screws up memories, while the passing of time steadily nullifies the memory cells that store those memories. Life imperceptibly turns into an expressionless mass of vague sensations, and after renewing your passport two or three times – there can be emptiness. Note – “can” be. But life is what you make it: you can instead live as “correctly” as possible. And for me, included in my list of living maximally “correct” come my annual reviews! To stop, duck out of the routine, think, remember, write, think again, and be amazed. And out of the fog of the passing year an outline of experiences, events and achievements becomes distinguishable. Then, emboldened by pride, I find myself fully ready for new endeavors in the New Year.

In the oh-so tricky year of 2022, the chances of losing oneself all the more in the fog were through the roof: geopolitics gets in the way of all that’s good. But at the same time this makes summarizing the results of last year all the more a correct and necessary endeavor. So this time I’ve split up my reviews to make sure we don’t miss vital detail: I’ve already shared my mostly-personal annual review, and also my patent review.

What remains is the concluding third part – which is what I’ll be giving you today in this here post: about our product-and-tech achievements – our “bread and butter” that makes up our whole raison d’être: protecting the world from cyber-evil. And there were plenty such achievements – a lot more than might be expected given the difficult circumstances throughout the year… All righty – enough “intro”; let’s get to it (after all, it’s February already, like – tomorrow!!)…

// Btw – that’s the cover of our Midori Kuma 2023 calendar – simply to brighten up this here text ). As per, it can be downloaded – here.

Ok – sit  down. Better – fasten your seatbelt too! For this number is a shocker – in the good sense: last year we launched more than 750 releases! No, no typo there folks. Really: seven hundred fifty releases! By that I mean new products, updates, patches, and assorted other localizations/customizations. // And some folks still think we just do antivirus?!!

Out of that huge bulk, here are a few I want to highlight…

Read on…

2022 review: patents coming on strong too!

Inventing cutting-edge new technology is only the half of it. Wait – no: let’s not be so categorical…

Cutting-edge new technology that’s oh-my groundbreaking sets in motion a life-cycle that’s probably a lot more complex and long-winded than might at first be imagined by many. Of course, without the invention in the first place there’d be nothing, but without the life-cycle that comes after it, even the most amazing revolutionary technology risks going belly up before it’s even gotten off the ground, never to help humankind in the way it could have. Alternatively, the invention could be at risk of falling into the hands of so-called consumer champions or patent trolls.

Among the many business functions that go into the mentioned life-cycle of new technology is that of patenting. For, alas, the system works whereby, if the new tech’s not patented, you don’t have any rights to it – even though you invented it! And history is full of such examples: the karaoke machine, magnetic stipes on plastic cards, fidget spinners, and a whole load more.

So – patenting. It happens to be by far not the simplest or most accessible of business processes, and it requires lots of expertise and lots of money – especially when you’re global. But that doesn’t make it any less necessary. And since our business at K has always been founded upon new technology, as soon as our bottom line allowed it – we straight away got into patent protection: in 2008 we got our very first patent. Ever since, little by little, we’ve been steadily growing our own patent expertise as much as we could allow ourselves down the years. And quite right too!…

The more successful the business became and the more we expanded around the world – all the more often patent trolls would come after us looking for the easy money. Also – unscrupulous competitors, despite having tech that could hardly compete with us on quality, still weren’t happy allowing customers use our products. Altogether, we were hit with 10 patent actions; nine we won; one is currently being considered. Because we never give in. We fight back – and win!

Overall picture.

The pandemic years and current geopolitical turmoil have of course negatively affected our business on the whole, and that has had a knock-on effect on our patent work – also down. And both past and current events look likely to echo into the future for years. However, that’s no reason to lie low until things get better; just the opposite – it warrants hitting the gas stepping on the proverbial accelerator all the harder! And that’s just what we did in 2022 (2021, btw, is here), despite everything. Let me tell you how…

We finished last year with a portfolio of 1367 patents and 330 patent applications in different countries (including the U.S., the EU, Russia, and China). In 2022 we obtained 123 new patents (including in the U.S. – 51; Russia – 37; China – 24; the EU – 9), and submitted 58 patent applications. But let’s not concentrate just on quantity. Check out the quality too: we’ve been granted patents to ~98% of all our patent applications (in some countries – 100%!), while the world average for companies is somewhere around 50%. Go us!

Our overall patent picture looks like this:

Read on…

The antidote to operational technology conservatism.

I’ve been saying it often – for years: antivirus is dead.

Such a statement might at first seem strange – especially from someone who’s been a mover and shaker since the very earliest days in all things viruses and anti-virus in the late eighties and early nineties. However, if you dig a little deeper into the AV (RIP) topic and consult some authoritative sources in the (former:) field, then the statement quickly becomes quite logical: first, “antivirus” has turned into protective solutions “against everything”; second, viruses – as a particular species of malicious program – have died out. Almost. And it’s that seemingly harmless, negligible almost that causes problems for cybersecurity still to this day – at the back end of the year 2022! And that almost is the basis of this here blogpost today…

So. Viruses. Those Red-Listed last remaining few – where are they these days, and what are they up to?…

It turns out they tend to reside in… one of the most conservative sub-fields of industrial automation: that of operational technology (that’s OT – not to be confused with IT). OT is “hardware and software that detects or causes a change through the direct monitoring and/or control of industrial equipment, assets, processes and events” (– Wikipedia). Basically, OT relates to an industrial control systems (ICS) environment – sometimes referred to as “IT in the non-carpeted areas”. OT = specialized control systems in factories, power plants, transportation systems, the utilities sector, and the extraction, processing and other heavy industries. Yes – infrastructure; yes – often critical infrastructure. And yes again – it’s in this industrial/critical infrastructure where “dead” computer viruses are found today alive and kicking: around 3% of cyber incidents involving OT-computers these days are caused by this type of malware.

How so?

Read on…

Introducing: KEDR Optimum. Superior enterprise-cybersecurity – with no fluff.

Naming products and services – and also their many different functions and features – in the infosec domain is, in a word, tricky. Why? Complexity…

Cybersecurity: it’s not a one-dimensional object like, say, a boat. There are different sized boats, different types of boats, but a boat is mostly always a boat. But in infosec, a modern system of enterprise cybersecurity does a great many technically complex things, and the question arises: how can it all be labeled simply and catchily (if that’s at all possible) so as to be reasonably easy to understand? And how can you differentiate one security system from another? Often it’s difficult explaining such differences in a long paragraph – let alone in the name of a product or service. Like I say: tricky.

Maybe that’s why Kaspersky is still associated by some with “antivirus software”. But actually, detecting and neutralizing malware based on an antivirus database is today just one of our security technologies: over a quarter century we’ve added to it a great many others. The word antivirus today is more of a metaphor: it’s known, understood, and thus is a handy (if not too accurate or up-to-date) label.

But what are we supposed to do if we need to tell folks about complex, multifunctional protection for enterprise IT infrastructure? This is when strange sets of words appear. Then there are all the abbreviations that come with them, whose original idea was simplification (of those strange sets of words) but which often just add to the confusion! And with every year the number of terms and abbreviations grows, and memorizing them all becomes increasingly… tricky! So today, let me take you on a brief excursion of all this gobbledygook  some of these complex but necessary names, terms, descriptions and abbreviations – so that, hopefully, we achieve the thing the abbreviations themselves struggle with: bringing clarity.

Read on…

Goodbye antivirus. Hello new cybersecurity super-app!

In my review of 2021, I gave a few teasing clues about some upcoming ‘super releases’ of our desktop and mobile products, going so far as promising that this year’s newbie-upgrades will be nothing short of being head-spinningly, show-stoppingly staggering. Well today, finally, in this here post – I’ll be announcing what’s what with all this super-release talk…

Actually, the word ‘super’ isn’t just me bigging up our new and improved tech and products; for we’ve gone and come up with a dedicated cybersecurity super-app for our users in which they can access, control, and tweak all their cyber-protection (plus computer hygiene) needs! No, you’re not having a dream. This is real folks!

All righty. I’ve got your attention, I hope. Now let’s dive in!…

First, as per, a spot of background-history…

Read on…

Cyber-tales from the dark (and light) side: audacious crypto hack, K goes neuromorphic, and how to enter a data-center via a… toilet!

Hi folks!

For those still sweating it out in the office, not lucky enough to have left for some serious digital detox vacationing, herewith, to keep your mind off the heat, some juicy iNews, aka Dark (and Light) Tales from the Cyber Side – yet more extraordinary, hard-to-believe stories from the world of cybersecurity.

Crypto-decrepito

The gaming community will no doubt recall how, this spring, Axie Infinity, the online crypto-game (perhaps most notable for permitting virtual winnings to be exchanged into real money), suffered one of the largest robberies of all time. It appears highly likely that North Korean hackers broke into the Ronin blockchain that controls the game, and proceeded to steal around $625 million (the exact figure varies depending on the source) from users’ accounts! The incident went unannounced for a time, highlighting the vulnerability of the game’s security system, and putting the reputation of its developer behind – Sky Mavis – on the line too.

Oh my gigantic sum! But wait – that’s not all; there’s more!…

Earlier this month it was revealed precisely how the hackers managed to break into the blockchain. Are you sitting down?!…

Several months ago fake employees of a fake company on LinkedIn sent info about fake job vacancies to employees of Sky Mavis. A senior Axie Infinity developer decided to apply. He even got through several rounds of (fake) interviews, after which he was offered an extremely attractive (fake) salary and benefits package. Basically, he was made an offer he couldn’t refuse.

Said offer eventually arrived in the developer’s inbox in the form of a pdf document, which he had no qualms about downloading and opening on his work computer. And that was that – the bad guys were in. Henceforth it was all just a matter of technique: an espionage program infiltrated Ronin, via which they were able to seize four of the nine validators that protect the network. Access to the fifth validator (needed to complete the hack and then steal all the money) was gained by the hackers via the Axie Decentralized Autonomous Organization – a group set up to support the gaming ecosystem. Result – bingo; jackpot!

Read on…