vulnerabilitiesFollina: office documents as an entrance
New vulnerability CVE-2022-30190 aka Follina allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Latest
interviewRosemarie Gonzales: “It’s important to free yourself of misconceptions”
Meet Rosemarie Gonzales, Corporate Communications Manager at Kaspersky Southeast Asia.
How to improve smart car apps
After conducting a thorough study of applications for connected cars, our experts highlighted a number of flaws of such software.
Automotive apps: who gets your car keys?
Most third-party apps for connected cars require access to your account with the manufacturer. But are they secure?
A passwordless future?
Let’s see how Google, Microsoft and Apple can work together to do away with passwords.
incident responseKey incident response skills
What should an incident response specialist be able to do and how can they improve their skills?
DHS recommends patching VMware, probably you should too
The Department of Homeland Security is urging US federal agencies to “patch or remove” a list of VMware products within five days. Probably you should do it too.
Ivan Kwiatkowski: “Cybersecurity is a domain I fell into by accident”
Meet Ivan Kwiatkowski, Senior Security Researcher with Kaspersky’s Global Research and Analysis Team.
Cryptoscam giveaway: phishers go after seed phrases
We explain how scammers steal cryptowallets through phishing.
phishingBank phishing and identity theft
We explain how phishers are swindling Wells Fargo customers out of personal credentials, passwords, card details, and selfies with an ID card.
Gamers
gamersAttack on Cities: Skylines — malicious code in a virtual city
We explain why game mods can be dangerous, using as an example malicious mods for Cities: Skylines.
Dangerous vulnerability in Dark Souls III videogame
Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.
Malicious activity in Discord chats
In the wake of recent research, we talk about several scenarios that underlie malicious activity on Discord.
BloodyStealer is hunting for gamers
Gamer accounts are in demand on the underground market. Proof positive is BloodyStealer, which steals account data from popular gaming stores.
The dangers of pirated games
Adware, Trojans, and other malware aren’t the only reasons not to download illegal games.
A trick auction to steal gold in World of Warcraft
A malicious script in the WeakAuras add-on can eradicate several days of farming in WoW Classic in a second.
Malware in Minecraft mods: story continues
We found more Minecraft modpacks and a file recovery utility available in Google Play concealing malicious adware.
Steam and mirrors: How gamers get duped
Gut-wrenching stories of in-game cheating told by actual participants.
Business
How to prevent a ransomware attack from happening again?
For Anti-Ransomware Day, we decided to publish few tips that will help your company avoid falling victim to ransomware for a second time.
vulberabilitiesActively exploited vulnerability in Windows
Time to update Windows! Microsoft has released patches for several dozen vulnerabilities, one of which cybercriminals are actively exploiting.
Is your mic really muted?
We cite an interesting study on how the mute button actually works in teleconferencing services, and discuss privacy in the web conferencing era.
e-mailMalware in e-mail on the rise
Malicious spam campaign targeting organizations grows 10-fold in a month, spreads Qbot and Emotet malware.
Decryptor for Yanluowang malware
Our cryptanalysts have found a way to decrypt files encrypted by Yanluowang.
BlackCat — new player in the ransomware business
Our experts investigated the activity and studied tools of ransomware gang BlackCat.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
Infected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Who’s in your Facebook and Instagram accounts?
What to do if you receive a notification about a suspicious login to your Facebook or Instagram account.
How to guard against Zerologon and similar vulnerabilities
To stop all threats to the corporate infrastructure, you have to do more than just protect workstations.
PuzzleMaker: Targeted attacks against multiple companies
Our technologies detected targeted attacks involving a number of zero-day exploits.
How to download Windows 11 while avoiding malware
Scammers are distributing malware and adware made to look like Windows 11.
Tips
6 antiphishing tips
How to spot dangerous links sent in messages and other tricks scammers use to steal your data.
Kaspersky Security Cloud versus intrusive ads
How to remove browser ads in two clicks using our Anti-Banner feature.
How to make hybrid work effective and secure at home and in the office
Tips on security and productivity for those who work both from home and in an office.