kaspersky
-
… Card was delivered through INTERPOL’s African Joint Operation … which was enriched by INTERPOL and its private sector partners … this collaborative effort led by INTERPOL. The evolving threat landscape … supported two editions of INTERPOL’s Africa Cyber Surge …
-
Over the past few weeks, there’s been a series of unpleasant news items on advertising and user privacy with regard to every major browser developer — except Apple: Google allowing ad tracking through digital fingerprinting; powerful ad blockers ceasing to work in both Edge and Chrome, and Mozilla revising its license agreement seemingly showing…
-
We closely monitor changes in the tactics of various cybercriminal groups. Recently, experts from Kaspersky’s Global Research and Analysis Team (GReAT) noted that, after attacks with Fog ransomware, malefactors were publishing not only victims’ data, but also the IP addresses of the attacked computers. We haven’t seen this tactic used by ransomware groups before. In…
-
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests
-
Kaspersky’s ICS Threat Landscape Report (Q4 2024) presents itself as a cyber intelligence product but falls short of intelligence tradecraft standards. The analysis exposes its reliance on statistical aggregation without structured attribution, predictive modeling, or actionable foresight. Intelligence professionals demand rigorous methodologies that inform strategic decision-making—not surface-level data repackaged for industry branding. The report fails…
-
Attacks on open-source mostly start with publishing new malicious packages in repositories. But the attack that occurred on March 14 is in a different league — attackers compromised the popular GitHub Action tj-actions/changed-files, which is used in more than 23,000 repositories. The incident was assigned CVE-2025-30066. All repositories that used the infected changed-files Action are…
-
Since February, many users have been complaining about the Android System SafetyCore app suddenly appearing on their Android phones. It has neither UI nor settings, but Google Play says the developer is Google itself, the number of installations exceeds a billion, and the average rating is a dismal 2.4 stars. The purpose of the app…
-
On March 4, Broadcom released emergency updates to address three vulnerabilities — CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 — that affect several VMware products, including ESXi, Workstation, and Fusion. A note in the Broadcom advisory stated that at least one of these — CVE-2025-22224 — has been exploited in real-world attacks. The vulnerabilities allow for virtual machine escape —…
-
In its monthly Patch Tuesday update, Microsoft has provided patches for six vulnerabilities that are being actively exploited in the wild. Four of these vulnerabilities are related to file systems — three of which have the same trigger, which may indicate that they’re being used in one and the same attack, or at least by…
-
February 21 was a dark day for the crypto market as it suffered the largest heist in its history. Attackers made off with around $1.5 billion from Bybit, the world’s second-largest crypto exchange, with experts citing it as the biggest theft – of anything – of all time. Although neither this loss nor the withdrawal…
-
In an attempt to bypass security solutions, attackers are increasingly hiding phishing and other malicious links inside QR codes. It’s for this reason that we’ve added a technology to Kaspersky Secure Mail Gateway that reads QR codes (including ones hidden inside PDF files), extracts links and checks them before they land in an employee’s inbox.…
-
Millennials have grown up alongside the rise of social media and digital communication – and in many ways appear to be the most tech-savvy generation. However, our latest research reveals a concerning reality: 70 percent of millennials rarely verify the authenticity of the people they engage with online, leaving them vulnerable to cyberrisks such as…
-
In early 2025, the Chinese chatbot, DeepSeek, burst onto the AI scene. It provoked much comment and controversy across the globe: we could hardly fail to spot the similarity of its logo to our own, comparisons with ChatGPT were abundant, and in Italy, South Korea, Australia, and other countries, DeepSeek was blocked altogether. The hype…
-
Over the past six months, Windows Packet Divert drivers for intercepting and modifying network traffic on Windows systems have become popular in Russia. From August to January 2024, we noted that detections of these drivers almost doubled. The main reason? These drivers are being used in tools designed to bypass restrictions for accessing foreign resources.…
-
A vulnerability was found in Kaspersky Security for Linux Mail Server up to 8.0.3.30. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to injection. The identification of this vulnerability is CVE-2024-1619. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a…
-
You almost certainly know the situation when a friend or colleague sends you files in a format you can’t open. For example, you asked for photos, expecting JPEGs or PNGs, but instead they arrive in HEIC format. What do most people do in this case? That’s right, they look for a free online file-converter. If…
-
You’ve probably heard the rumor — our smartphones are always listening. But the truth is, they don’t need to. The information shared with data brokers by virtually every app on your smartphone — from games to weather apps is more than enough to create a detailed profile on you. For a long time, “online tracking”…
-
Scanning the hard drives of work computers is a simple daily procedure that happens without impacting the user or requiring any manual action. In the case of servers, however, things are more complex — especially if done in response to an incident, after which all company storage (perhaps tens of terabytes worth) needs an unscheduled scan.…
-
The Australian Department of Home Affairs has mandated that government entities must prevent the installation of products and web services on government systems and devices from Kaspersky Lab. Additionally, any existing instances must be removed. The directive, issued under the Protective Security Policy Framework (PSPF) by the Secretary of the Department of Home Affairs, aims…