GALÁPA-GOSH – PT. 3: If you can swim with turtles…

Hola folks!

Adios Española Island, and, after a short night flight, hola Punta Cormorant on Floreana Islandhere.

At Punta Cormorant you’d think there might be at least one or two Cormorants to be seen, but you’d be wrong (I wonder… did they become extinct on the island?). However, instead, there are one or two tons of Cheloniid sea turtles – which provided today’s main Ecuad-awesomeness!

Read more…

GALÁPA-GOSH – PT. 2.2: seals, iguanas, and yet more boobies!

While on Española Island, the young albatross leaping off a cliff face for the first time in his life hoping he’ll be able to fly – that kinda stole the show. However, there were other wild animals worthy of mention observed too – including species we’d seen for the first time or had never seen in such vast quantities. And we saw them at Punta Suarez – the westernmost point of the island.

Even before we’d made it ashore in the dinghy we came across a seal ‘kindergarten’. While mommy is out at sea getting the ‘groceries’ in, the little ones are frolicking on the beach!

I wondered briefly – how does mom know which toddler-seals are hers? Logically, I asked our guides; they answered: by smell. They added also how life can be rather cruel for the seals around here: if mommy get gobbled up by a shark while out to sea getting dinner in, her offspring will inevitably die. Other moms won’t feed them – poor things. But, at the same time – if one of those child seals happens upon a mom-penguin – young penguins wind up with no mommy too. And if penguins happen upon… and so on and so forth. I could carry on the ‘chain’ at length. But let’s look at some pics instead…

Read on…

Cyber-news from the dark side: Japanese legal hacking; iKeychain hack; 2FA -> $0; an Iranian cyber-whodunit; and a USB-eating leopard seal.

Privyet boys and girls!

Herewith, the next in my periodic/occasional cyber-news cyber-shocker-bulletins: a few stories of the cyber-interesting, the cyber-this-news-just-in, and the cyber-absurd…

State-sanctioned hacking!

The Japanese government is believed to be planning to hack 200 million IoT devices of its citizens. And that’s not science fiction folks; it looks like it’s for real. Indeed, it’s how the Japanese are preparing for the Olympics to be held in Tokyo in 2020 – and it’s all legal of course, since it’s the government who’s behind it. So their citizens’ gadgets will be hacked using the cybercriminals favorite method: using default passwords and password dictionaries. If a device is found to have a weak password, bureaucrats will enter the device into a list of unsecure gadgets, which list will then be handed over to internet service providers, which will be expected to inform subscribers and have them make their devices secure by changing the password. It’s all being done as a resilience test in the run-up to the Olympics, to work out if IoT devices in the country are sufficiently protected, and to try and prevent their use in attacks on the Olympics’ infrastructure. The methods to be used for this ‘test’ can easily be disputed, but the fact that the authorities are doing something concrete so well in advance is certainly a good thing. For let’s not forget that the Olympics have been targeted before – and not all that far away from Japan.

iOops!

An 18-year-old hacker, Linus Henze, has published a video highlighting a startling weakness in MacOS – specifically its Keychain program, which stores and secures a user’s many passwords. The teenager used a zero-day to develop his own app that can scan the full contents of the keychain.

Curiously, intriguingly, Mr. Henze isn’t planning on sharing his research and his app with the tech giant, since Apple still doesn’t run a bug-bounty program. So that leaves the company with two options: negotiate with the expert (which would be an unprecedented move for Apple), or consider trying to remedy the issue themselves – which they may or may not be able to do, of course.

Meanwhile, you, dear readers, need not fear for the safety of your passwords! Since there do exist (who’d know?!) fully secure, cross-platform password managers out there. And researchers – there do exist software companies that run bug-bounty programs ).

Even two-factor authentication can be hacked now.

Bank accounts being emptied by cyber-thiefs is on the up. One example recently involved accounts held at the UK’s Metro Bank. And the method used for the robberies involved intercepting text messages sent to account-holders’ phones for two-factor authentication. Now, 2FA is a good thing: it’s an extra layer of security and all that, so why not? It’s just that SMSs are by far not the most secure way to transfer data. For example, vulnerabilities can be exploited in the SS7 protocol, which is used by telecoms operators the world over to coordinate how they route texts and calls. If cyber-baddies manage to access the mobile network of an operator, they’re able to re-route messages and calls without the user being any the wiser. First they’d need to know your login and password for online banking, but that isn’t beyond the abilities of modern-day cyber-villains with their crafty keyboard spies, phishing tactics, or banking Trojans.

Once inside the online bank, the criminals send a request for a money transfer and intercept the message with the one-time code from the bank. The code is entered, and the bank transfers the funds, since both the password and the code were correctly entered. And the criminals are laughing all the way to the bank, as it were ).

So what can you do to stop such a scenario happening to you? Here are a couple of tips:

  • Never tell anyone your login or passwords – even to a bank employee, but you’ll probably know that one: banks helpfully remind us whenever they can.
  • Protect your devices from malware with a reliable antivirus app. There is one I happen to know of… but no – you choose the one you want ).

Cyber-spying on foreign diplomats in Iran – but whodunit?

Our researchers just recently discovered multiple attempts at infection of foreign diplomatic missions in Iran with some rather primitive cyber-espionage malware. The backdoor is presumed to be associated with the hacking group know as Chafer, which happens to ‘speak’ Farsi, and which is thought to have been responsible for cyber-surveillance on individuals in the Middle East in the past. This time, they cybercriminals used an improved version of the Remexi backdoor, designed to remotely control (as administrator) a victim’s computer.

Remexi software was first detected in 2015 when it was used for illegal surveillance of individuals and organizations across the whole region. The Windows-targeting surveillance-ware can exfiltrate keystrokes, screenshots, and browser-related data like cookies and history.

Much ‘home made’ malware is used in the region – often in combination with public domain utilities. But who’s behind these particular attacks? Finding out is made all the more difficult by the very fact that the malware is homespun; it literally could be anybody: Iranians, or non-Iranians pulling a false-flag operation. Alas, false flags are on the up and up and look set to remain so.

“Well, actually… a seal ate my USB stick, sir.”

In New Zealand, one day out walking a vet observed a clearly unwell leopard seal on a beach. As any concerned vet would, he proceeded to… scoop up a lump of the poorly seal’s poop and took it off for analysis. He was expecting to find therein some ghastly little parasites or viruses or what have you, but instead found… a USB stick. After much disinfection (I hope), the vet stuck the thumb drive into his computer (don’t try any of this at home kids, but this was a special case). And guess what? Thereon were stored lots of photos of the beautiful New Zealand scenery! Now the vet and Co. are seeking the owners of the USB – using this here video. Recognize it, anybody?

Enter your email address to subscribe to this blog
(Required)

Galápa-gosh – pt. 2: the maiden flight of a young albatross.

The albatross is one of the most astonishing birds in the world. It can fly for thousands of miles from the shore, it can actually live up in the air for years without landing, epic poems are written about it, epic songs are sung about it, it’s considered an omen, and generally there’s an air of mystery around the species. I mean, like, how did they learn to fly just soooo far? How do they sleep up in the sky? How do they sniff out smells of potential prey from miles away?.

The first time I saw some albatrosses was while sailing on a research vessel through the Drake Passage en route to Antarctica, as you do. They seemed to appear out of nowhere, soared so low over the ocean it looked like they were touching it, circled round the ship (just curious?), and then disappeared never to be seen again; and never once did we see them flap their wings! Like, really: zero times! Indeed, they can glide for hours (or is it days, weeks or months?) upon airstreams caused by large ocean waves and wind – both of which they need both to survive; calm, windless conditions are lethal to the albatross. No wind means it simply can’t fly off – not from water, not from land.

In fact, the species has gone so far down the evolutionary road that’s led to its extraordinary gliding abilities that their wings are hardly flappable like other birds’ wings any more. Instead, they have special retainers into which the bones of the wings stick into, fixing the two-or-three-meter-wide wings in place to resemble a glider plane – with no muscles being used at all and zero energy expenditure.

How do they sleep if they’re up in the sky for years (the first six years of their lives they never touch land once!)? Apparently it’s still not known. It might be that the two halves of their brains take it in turns to sleep and be awake, much like whales and dolphins’ do.

Great albatrosses are expert fishermen and fisherwomen. Much like the boobies, they’re super-fast divers, though they don’t go as far deep into the ocean as boobies. They can sniff out ‘food’ from miles away; they drink seawater (they have a special organ in their beaks (the little bumps with the holes thereon) that filters out the salt!!). They nest and breed only in one place – where they were born. That is, after several years and hundreds of thousands of kilometers of flying gliding they return right back to their birthplace.

Truly fantastic fowl.

Simply seeing an albatross would probably have been the main Ecuad-awe-someness of our second day on the Galápagos Islands. However, what made it even more incredible was that we saw the first ever flight of a young great albatross! But I’ll get to that in a bit…

Rewind! A new day – a new island. Next up: Española Island, which is the main breeding ground of the Galápagos Islands.

Read on…

Galápa-gosh – pt. 1: the dance of the boobies.

Hi folks!

Here we were – in the sunny Galápagos islands, after having flown in from the mainland and boarded the small ship we’d be on for the next seven days. And like I’ve already mentioned, on every one of those days we were treated to one large extraordinary Ecuad-awesomeness, plus several smaller ones. But let’s start with day one, whose main Ecuad-awesomeness was – the blue-footed booby!

Yes, I just wrote booby in a blogpost folks! Never thought I’d see that… But boobies with blue feet?! Ye gods!…

Before your imaginations get the better of you, here are the boobies:

Read on…

And you thought there was just one equator?

Even if you know hardly any Spanish at all, it’s fairly easy to work out that the etymology of ‘Ecuador’ has something to do with the equator upon which the country sits. And you’d be right: ‘ecuador‘ is in fact the Spanish for the English word equator.

So it seemed obvious to me that we just had to visit said ecuador/equator. If we didn’t, it’d be like going all the way to Paris and not visiting the Eiffel Tower, or to London and not snapping Big Ben and the Thames, or to Moscow and not seeing the Kremlin and Red Square, to Rome without the Colosseum, Sydney – the Opera House, Kamchatka – grizzly bears; New York – the Empire State Building, and so on and on and on… (now there’s a list that could go on forever:). So that’s just what we did – we went to visit the equator and the ‘equator museum’, both of which are in suburban Quito.

All righty. Off we pop to Ciudad Mitad del Mundo – the Middle of the World City. And here it is – the middle of the world – painted as a line in yellow:

Read on…

KL-2018: still growing, no matter what.

Hi folks!

The time has come to share our financial results for 2018. It can’t be denied that it was a tough year for us: the aftershock from the geopolitical turbulence that affected us which peaked in 2017 for sure caught up with us. But this is where it gets interesting…

You could be forgiven for thinking that everything’s reeeaaal bad for us and we’ve nothing at all to feel good about regarding 2018. But you’d be wrong. Because users still ‘voted’ for us with their dollars, euros and the rest: our business… continued to grow! The company’s global IFRS revenue for 2018 was 726 million dollars, 4% higher than in 2017*.

You could also be forgiven for thinking that, what with the unfair, coordinated informational campaign waged against us, we might have eased off a bit, gotten back into the trenches as it were, lain low for a while. You’d be wrong again! Just the opposite: we’ve continued to develop new products, new technologies, and new services of a kind our competitors can only dream!

So what did the best? Well, just like in the previous year we saw the highest growth in business based on promising new solutions and technologies that provide protection against the most complex of cyberthreats – the so-called ‘non-endpoint’ segment (+55%). Corporate segment sales also were up – by an impressive 16%; while online sales grew 4%.

Geographically, the greatest growth in sales (27%) was to be found in the META region (Middle East, Turkey, and Africa). Then (by some freak coincidence), the three regions of (i) Russia, Central Asia and the CIS**; (ii) APAC (Asia-Pacific); and (iii), Europe – achieved 6% growth in sales each.

A fall in sales occurred in Latin American (-11%), but that in large part can be put down to devaluations of national currencies in the region. And as could only have been expected, sales in North America fell – by 25%. All the same, North American users are good at reading between the lines when it comes to what their media tells them. How else can an increase of 8% in online sales of new licenses in the U.S. be explained? I’m often asked if we plan to close our offices in the U.S. and exit the market. No way! Actually, just the opposite: we’re planning on getting back to growth and developing the market.

So, why is it folks trust us? Maybe it’s because over the last year we’ve become the most transparent cybersecurity company in the world? We’ve opened up our source code and its updates, and in essence we’ve established new standards of transparency for the whole industry. And no matter how much nonsense they write about us in the press, still no one has provided even just a shred of technical evidence about any wrongdoing on our part (spoiler alert! They won’t provide any: none exists!). My life is set out before you right here on these here blog pages practically every day. I’ve nothing to hide; my company has nothing to hide! Folks see, think, understand, and vote with their money.

Finally, as per tradition, I simply must thank our users and partners who believe us – and believe in us! And of course all the KL employees, thanks to whom our products and services for many years now have remained the very best. Well done everyone! Now… back to work!

https://www.instagram.com/p/BkV29QdgziX/

* Unaudited IFRS revenue data. The given revenue figure was rounded up to the nearest million. Actual revenue: $725.6 million.

** The Central Asia and CIS region is made up of: Azerbaijan, Armenia, Belarus, Georgia, Kazakhstan, Kyrgyzstan, Mongolia, Russia, Tajikistan, Turkmenistan, and Uzbekistan.

Je m’appelle Eugene.

Bonjour folks!

A quick official interlude…

The other week it was time to roll out the red carpet again at KL HQ – this time for the French ambassador to Russia, Sylvie Bermann.

Our meet went very well: cordial, interesting, enjoyable. The ambassador and her aides showed great interest in cybersecurity matters, and clearly had a solid professional awareness of all things digital in this modern day. We told them all about our work and achievements in France and French-speaking countries, and shared our plans for development of new technologies and of cooperation with French companies and state bodies. Other topics included our vision of further development of digital technologies in industrial systems, and about possible cyberthreats to industrial infrastructure and how we can fight them together.

So yes, it went swimmingly. Our esteemed guests left us satisfied and certain of our shared cyber-tomorrow.

Btw, the ambassador was driven here in a Citroën C6. You don’t see many of those in Moscow. In fact [as curious as ever and looking it up on the net], you don’t see a great many of them anywhere: there were apparently only 23,384 ever produced, between 2005 and 2012. Nice car. And rather exclusive ).

Three days on the Condor.

My pals and I love a spot of trekking in remote places around the globe. Just two or three days normally does the trick: enough to get in plenty of gawping at luscious landscapes, plenty of exercise, plenty of curiosity satisfaction, and of course plenty of pretty photography.

And our New Year trip to Ecuador proved no exception. With small rucksacks on our backs (and accompanied by horses carrying the larger items like tents and so on) we walked along a lengthy stretch of the Condor Trek.

Read on…