phishingPhishing 101: what to do if you get a phishing email
Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.
Latest
passkeysAre passkeys enterprise-ready?
Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?
DiscordHow malicious actors exploit Discord’s invite system
Attackers hijack Discord invite links and redirect victims to scam servers to install malware using the ClickFix technique.
scamBeware of Google Forms bearing crypto gifts
Scammers are tricking people into giving up cryptocurrency through Google Forms surveys. Here is what they are doing and how to avoid falling victim to this scam.
Setting up security and privacy in the Garmin ecosystem
A detailed guide to configuring security and privacy in Garmin Connect and the Connect IQ Store.
From CVSS to RBVM: vulnerability prioritization done right
Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.
Attack on Microsoft SharePoint servers
Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.
New phishing scam lures users with fake HR policy updates
A curious case of spear-phishing email techniques employed on a mass scale.
wi-fiIs your printer informing on you to the police?
Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.
Gamers
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
All about CVSS: how vulnerability scoring evolved
We break down the Common Vulnerability Scoring System: what it’s for, how it’s used in practice, and why the Base Score is just the beginning — not the end — of vulnerability assessment.
Schrödinger’s antivirus: is protection dead or alive?
How the research tool Defendnot disables Microsoft Defender by registering a fake antivirus, and why you shouldn’t always trust what your operating system says.
How installing a fake extension from Open VSX led to cryptocurrency theft
This is a story of how a blockchain developer lost US$500 000 to a fake Solidity extension from the Open VSX marketplace.
Top fraud schemes threatening e-commerce
How cybercriminals can exploit your online store — and how to stop them.
How not to go bankrupt from industrial digitalization
How integrated industrial cybersecurity solutions protect OT networks and reduce the cost of critical incidents.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
TipsIs your router secretly working for foreign intelligence?
Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.
How to protect yourself from SMS blaster scams
Scammers have figured out how to send text messages that actually bypass cellular networks. How does illicit “SMS blasting” work, why does it matter for travelers, and how to stay safe.
Is a Gemini AI update about to kill privacy on your Android device?
Google has rolled out an update for Android that gives Gemini access to your Phone, Messages, WhatsApp, and Utilities data without your explicit consent. Here’s a detailed guide on how to disable these permissions.
How to shrink your digital footprint
Adjust your daily routines to leave as little data about yourself online as possible.