vulnerabilitiesRetbleed attack, or Spectre strikes back
Using a recent study on hardware vulnerabilities in processors as an example, we contemplate the cost of security.
Latest
androidData Safety instead of App Permissions
Google Play’s app descriptions have a new Data Safety section now. We explain why this isn’t such great news.
ransomwareAndariel attacks with DTrack and Maui
The Andariel group attacks companies with several malicious tools.
DogWalk and other vulnerabilities
Microsoft has released patches for more than 140 vulnerabilities, some of which need to be closed as soon as possible.
black hatPreviewing Black Hat 2022
A look at what experts at Kaspersky will be watching during Black Hat 2022.
ChronicleILOVEYOU: the virus that loved everyone
We recall the story of the ILOVEYOU worm — one of the most infamous viruses from 22 years ago.
Protection through restriction: Apple’s new Lockdown Mode
Apple’s new feature promises enhanced protection in the fight against targeted attacks.
supply chainFour malicious packages in npm repository
New malicious campaign hunts for Discord tokens and credit card information via infected npm packages.
Obi-Wan Kenobi in terms of information security
How things stood with information security in a galaxy far, far away — nine years before the Battle of Yavin.
CosmicStrand: a UEFI rootkit
Our experts discovered a fresh version of CosmicStrand, a rootkit that hides from researchers in the UEFI firmware.
Gamers
$2 million inventory hacked in CS:GO
An unnamed hacker allegedly stole two million dollars’ worth of items from a CS:GO player’s backpack and has already started auctioning off the items.
Attack on Cities: Skylines — malicious code in a virtual city
We explain why game mods can be dangerous, using as an example malicious mods for Cities: Skylines.
Dangerous vulnerability in Dark Souls III videogame
Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.
Malicious activity in Discord chats
In the wake of recent research, we talk about several scenarios that underlie malicious activity on Discord.
BloodyStealer is hunting for gamers
Gamer accounts are in demand on the underground market. Proof positive is BloodyStealer, which steals account data from popular gaming stores.
The dangers of pirated games
Adware, Trojans, and other malware aren’t the only reasons not to download illegal games.
A trick auction to steal gold in World of Warcraft
A malicious script in the WeakAuras add-on can eradicate several days of farming in WoW Classic in a second.
Malware in Minecraft mods: story continues
We found more Minecraft modpacks and a file recovery utility available in Google Play concealing malicious adware.
Business
New ransomware: a cross-platform future
The new Luna and Black Basta ransomware strains are capable of attacking Windows, Linux and VMware ESXi.
The return of the macro
Microsoft cancels its decision to block macros by default. We discuss the cybersecurity implications for companies.
security awarenessHR on guard for cybersecurity
The most effective protection is increasing employees’ awareness, and it’s up to HR to maintain it.
Protecting corporate IoT devices
Cyber immune gateway that can shield IoT and IIoT devices from cyberthreats.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
How to watch porn safely and discreetly
Hiding your guilty pleasures from prying eyes is possible, but you need to do it properly.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
Update iOS, there is a dangerous vulnerability in WebKit
Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
Infected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Who’s in your Facebook and Instagram accounts?
What to do if you receive a notification about a suspicious login to your Facebook or Instagram account.
Tips
The hidden threats of router malware
Malware can infect your router, slow down the internet connection and steal data. We explain how to protect your Wi-Fi.
6 antiphishing tips
How to spot dangerous links sent in messages and other tricks scammers use to steal your data.
Kaspersky Security Cloud versus intrusive ads
How to remove browser ads in two clicks using our Anti-Banner feature.
How to make hybrid work effective and secure at home and in the office
Tips on security and productivity for those who work both from home and in an office.