strategyHow to minimize software update risks
Today we tell you about our practices for releasing and updating new products, and also updating existing releases, which that reduce the risk of large-scale incidents.
Latest
kaspersky
How safe is Wi-Fi in Paris?
Kaspersky experts examined the security of public Wi-Fi hotspots in Paris on the eve of the Olympics.
AIHow to prepare corporate cybersecurity for all-seeing AI assistants
Although Microsoft has radically revised the rollout plan for its controversial Recall feature, cybersecurity teams can’t afford to ignore the issue of “AI onlookers.
Summer scams in Paris
Scammers prepared carefully for this very sporty summer. First they targeted soccer fans during the Euros; now they’re setting their sights on spectators at the Paris 2024 Olympics. How can you stay safe from scams during the Games?
failureGlobal outage due to Friday’s release of CrowdStrike
The story of how CrowdStrike released an update on a Friday and brought down thousands, tens of thousands, or maybe even hundreds of thousands of computers around the world.
How using free VPNs could land you in a botnet
The masterminds behind the colossal botnet encompassing 19 million IP addresses used free VPN services as bait to lure unsuspecting users.
Zero-day vulnerability in Internet Explorer
A zero-day vulnerability actively exploited by attackers has been discovered in Internet Explorer — the browser that Microsoft supposedly laid to rest over a year ago.
Gamers
gamersLive hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
The true cost of gaming
Our research reveals gamers’ attitudes toward computer performance — and the ethics of winning and losing.
Where did that game cheats video on your YouTube channel come from?
The RedLine Trojan stealer spreads under the guise of cheats for popular games and posts videos on victims’ YouTube channels with a link to itself in the description.
$2 million inventory hacked in CS:GO
An unnamed hacker allegedly stole two million dollars’ worth of items from a CS:GO player’s backpack and has already started auctioning off the items.
Business
What SIEM is and how it protects medium-sized businesses
Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?
Attack on cybersecurity researchers: pseudo-exploit for regreSSHion
Someone is targeting security experts using an archive that allegedly contains an exploit for the regreSSHion vulnerability.
supply-chain attackRemove Polyfill.io from your website
The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.
regreSSHion vulnerability in OpenSSH
A new vulnerability allows remote attackers to gain root privileges on Linux servers. How easy is it for CVE-2024-6387 to be exploited – and how to prevent it
Phishing on GitHub through job offers to… developers
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
cryptocurrenciesCase study: fake hardware cryptowallet
Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
Update iOS, there is a dangerous vulnerability in WebKit
Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
Infected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Tips
Setting up Shortcuts and Siri in Kaspersky for iOS
The updated VPN & Antivirus by Kaspersky for iOS now supports Apple Shortcuts and Siri. We explain what you can do with this feature, and how to set it up.
Don’t forget about Recall, because Recall won’t forget about you
The new AI function in Microsoft Windows has already been dubbed a “security nightmare” on the internet. What risks does it carry, and how to stay safe?
Setting up both security and privacy in WhatsApp
We discuss key aspects of WhatsApp’s security and privacy, and how to configure this messenger to enhance protection.
The incognito myth: how private browsing really works
How to use private browsing mode, what it doesn’t protect against, and why Google is deleting five billion dollars’ worth of user data.