AIWould you entrust your vacation travel plans to AI?
We look at how AI can help you plan your vacation — and what can go wrong.
Latest
phishingTelegram scams with bots, gifts, and crypto
Everything you need to know about the latest Telegram scams and phishing, and how to stay safe.
side-channel attackSleepwalk: a sophisticated way to steal encryption keys
Researchers have devised a theoretical attack to steal private encryption keys through monitoring standard CPU and OS behavior.
cybersecurity awarenessNo blame: how psychological safety helps improve cybersecurity
Companies need to build a culture of security, but this is impossible when employees are afraid to discuss incidents or suggest improvements.
Efimer Trojan using hacked websites to steal cryptocurrency
We’ve uncovered a new Trojan — Efimer — which steals cryptocurrency via the clipboard. Here’s how it functions, and how you can stay protected.
SIEMUEBA rules in a SIEM system
Using anomalies in the behavior of users, devices, applications, and other entities to detect cyberthreats.
Android
Phishers targeting PyPi and AMO developers
Attackers are sending phishing emails to developers of PyPi packages and Firefox add-ons.
scamHow Meta’s social networks became a platform for investment scams
Deepfake videos, fraudulent Instagram and Facebook accounts, private WhatsApp chats: how Mark Zuckerberg’s social media platforms have become a primary tool for investment scammers.
Gamers
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
Enterprise passkey adoptions: nuances and challenges
We dive into which corporate systems support passkeys, where compatibility falls short, and why we probably won’t be saying goodbye to passwords anytime soon.
Are passkeys enterprise-ready?
Regulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?
From CVSS to RBVM: vulnerability prioritization done right
Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.
Attack on Microsoft SharePoint servers
Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.
New phishing scam lures users with fake HR policy updates
A curious case of spear-phishing email techniques employed on a mass scale.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
The polyworking Gen Z: new victims of cybercrime
The more jobs you juggle, the higher your exposure to personal cybersecurity risks — especially if you’re a Zoomer.
Setting up security and privacy in the Garmin ecosystem
A detailed guide to configuring security and privacy in Garmin Connect and the Connect IQ Store.
Is your printer informing on you to the police?
Wi-Fi sensing lets you monitor motion in your home – without cameras or motion sensors. We weigh the pros and cons of this increasingly popular technology.
Is your router secretly working for foreign intelligence?
Why advanced attackers are interested in your home Wi-Fi access points, and how they maintain control over your devices.