All posts

The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.

A turnkey home? A turnkey website? How about turnkey phishing? Scammers now sell turnkey phishing services to other scammers. Read on to find out how it works.

A new vulnerability allows remote attackers to gain root privileges on Linux servers. How easy is it for CVE-2024-6387 to be exploited – and how to prevent it

Today we talk about our five main centers of expertise and their contribution to Kaspersky’s products, threat intelligence and expert cybersecurity services.

Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.

Training AI requires a colossal amount of data. Meta seems to have found a “brilliant” solution — using the personal data of its own users.

The updated EU Network and Information Security Directive (NIS 2) came into force in January 2023. Member states have until October 17, 2024, to transpose it into national law. What does this mean, and how to prepare for it?

The new AI function in Microsoft Windows has already been dubbed a “security nightmare” on the internet. What risks does it carry, and how to stay safe?

The exact location of your router is publicly available through global Wi-Fi geolocation databases. Let’s explore why this is necessary, and the risks it entails and how to mitigate them.

A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.

Almost six out of ten passwords can be cracked in less than an hour using either a modern graphics card or cloud services. All it costs is a few dollars and some free time. How this is possible and what to do about it is the topic of our study.

Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.

Tips on how to watch the UEFA Euro 2024 tournament while keeping your money safe and your mood good.

Our experts have discovered ransomware they’ve dubbed “ShrinkLocker”, which encrypts infected computers’ drives using BitLocker — a utility built into Windows.

Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.

Two-factor authentication protects your account from theft — until you yourself give away your one-time password.

We discuss key aspects of WhatsApp’s security and privacy, and how to configure this messenger to enhance protection.

We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.

A recent zero-click vulnerability in TikTok has led to high-profile accounts being taken over.

How to use private browsing mode, what it doesn’t protect against, and why Google is deleting five billion dollars’ worth of user data.

Threat actors are targeting hotel staff with malicious and phishing e-mails.