gamersMinecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
Latest
scamHacking YouTube channels with stolen cookies
How scammers can hack your YouTube channel without knowing a password and second factor.
cyberimmunityStraight out of CSW ’23: what’s cooking in the world of cyberthreats in META?
APT discoveries, AI implications, Darknet wonders, and cyber immunity insights: CSW ’23 shaping the cybersecurity landscape of 2023.
iOS
biometric authenticationBrutePrint: bypassing smartphone fingerprint protection
Android fingerprint protection isn’t that reliable after all: it can be brute-forced even without a copy of your fingerprint.
MSI leak: tips for users, organizations, and developers
Now anyone can sign device firmware with MSI private keys. This represents a long-term persistent risk to be considered by all users.
What is multi-factor authentication?
What multi-factor authentication is, why you should use it, and what “factors” there are.
Know your personal threat landscape
You can apply the concept of a threat landscape as used in corporate security to yourself to make it easier to stay protected.
sandboxMaking a better sandbox
The effectiveness of a sandbox largely depends on its ability to realistically imitate a working environment.
Gamers
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
The true cost of gaming
Our research reveals gamers’ attitudes toward computer performance — and the ethics of winning and losing.
Where did that game cheats video on your YouTube channel come from?
The RedLine Trojan stealer spreads under the guise of cheats for popular games and posts videos on victims’ YouTube channels with a link to itself in the description.
$2 million inventory hacked in CS:GO
An unnamed hacker allegedly stole two million dollars’ worth of items from a CS:GO player’s backpack and has already started auctioning off the items.
Attack on Cities: Skylines — malicious code in a virtual city
We explain why game mods can be dangerous, using as an example malicious mods for Cities: Skylines.
Dangerous vulnerability in Dark Souls III videogame
Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.
Malicious activity in Discord chats
In the wake of recent research, we talk about several scenarios that underlie malicious activity on Discord.
BloodyStealer is hunting for gamers
Gamer accounts are in demand on the underground market. Proof positive is BloodyStealer, which steals account data from popular gaming stores.
Business
Brief cheat-sheet on cloud types and their risks
Сloud technologies differ in terms of both costs and risks. What cloud type should you choose, and how should you begin your migration?
Beware the .zip and .mov domains!
Website names in the ZIP and MOV domains are indistinguishable from file names. How will this affect IT systems, and what will threat actors do?
New hardware vulnerability in Intel processors
A brief, plain-language explanation of an advanced method of data theft using features of modern CPUs.
deepfakesHow to get ready for deepfake threats
Cybercriminals are increasingly using deepfakes in attacks against companies. What can we do to be safer?
How cybercriminals launder dirty crypto
Crypto mixers, nested exchanges, cash-out and other crypto-laundering methods used by ransomware operators.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
Case study: fake hardware cryptowallet
Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
Update iOS, there is a dangerous vulnerability in WebKit
Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
Infected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Who’s in your Facebook and Instagram accounts?
What to do if you receive a notification about a suspicious login to your Facebook or Instagram account.
Tips
Why you should set up secure DNS – and how
Have you ever come across the words Secure DNS or Private DNS in your smartphone settings and security apps? It’s best to keep this feature enabled – it has many advantages.
How to avoid online recruitment scams in 2023
Received an attractive job offer from a stranger? Be careful! It could be a scam…
Cybersecure Christmas
Many hacks have started during Christmas holidays. A few simple tips will reduce the chances of your company becoming the next victim.