cryptocurrenciesEfimer Trojan using hacked websites to steal cryptocurrency
We’ve uncovered a new Trojan — Efimer — which steals cryptocurrency via the clipboard. Here’s how it functions, and how you can stay protected.
Latest
SIEMUEBA rules in a SIEM system
Using anomalies in the behavior of users, devices, applications, and other entities to detect cyberthreats.
Android
phishingPhishers targeting PyPi and AMO developers
Attackers are sending phishing emails to developers of PyPi packages and Firefox add-ons.
scamHow Meta’s social networks became a platform for investment scams
Deepfake videos, fraudulent Instagram and Facebook accounts, private WhatsApp chats: how Mark Zuckerberg’s social media platforms have become a primary tool for investment scammers.
The polyworking Gen Z: new victims of cybercrime
The more jobs you juggle, the higher your exposure to personal cybersecurity risks — especially if you’re a Zoomer.
Enterprise passkey adoptions: nuances and challenges
We dive into which corporate systems support passkeys, where compatibility falls short, and why we probably won’t be saying goodbye to passwords anytime soon.
Phishing 101: what to do if you get a phishing email
Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.
Are passkeys enterprise-ready?
Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?
Gamers
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
From CVSS to RBVM: vulnerability prioritization done right
Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.
Attack on Microsoft SharePoint servers
Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.
signs of phishingNew phishing scam lures users with fake HR policy updates
A curious case of spear-phishing email techniques employed on a mass scale.
All about CVSS: how vulnerability scoring evolved
We break down the Common Vulnerability Scoring System: what it’s for, how it’s used in practice, and why the Base Score is just the beginning — not the end — of vulnerability assessment.
Schrödinger’s antivirus: is protection dead or alive?
How the research tool Defendnot disables Microsoft Defender by registering a fake antivirus, and why you shouldn’t always trust what your operating system says.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
Setting up security and privacy in the Garmin ecosystem
A detailed guide to configuring security and privacy in Garmin Connect and the Connect IQ Store.
Is your printer informing on you to the police?
Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.
Is your router secretly working for foreign intelligence?
Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.
How to protect yourself from SMS blaster scams
Scammers have figured out how to send text messages that actually bypass cellular networks. How does illicit “SMS blasting” work, why does it matter for travelers, and how to stay safe.