vulnerabilitiesCVE-2025-33053: a good reason to update Windows
Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system.
Latest
threatsHow hackers target Gen Z
Malicious actors are busy setting up fake Netflix websites, trying to trick visitors into paying for supposedly legitimate subscriptions, and promising in-game currency and skins for popular games. How else are they scamming Gen Zers, and what can we do to fight back?
SIEMThe hidden costs of free SIEM
While open-source projects let you build almost any infosec solution, it’s crucial to realistically assess your team’s resources and the time it would take to achieve your goals.
scamYou’re in for a big payout again
Scammers are promising compensation from a bank to all comers — with no exceptions — and to boost their credibility they’ve even rolled out a deepfake newscast generated by AI.
wordpressDollyWay World Domination: attack on WordPress websites
Since 2016, a threat actor has been exploiting insecure plugins and themes to infect WordPress websites and redirect traffic to malicious websites.
kidsWhat kids are doing online
Ever wondered why kids these days spend so much time online? Most parents do. So we found out what they’re actually doing there (spoiler: nothing bad).
extensions57 shady Chrome extensions clock up six million installs
Researchers find 57 potentially dangerous browser extensions in the Chrome Web Store. Here’s why they’re dangerous, and how not to fall victim.
Lessons learned from the trojanized KeePass incident
A popular password manager was modified to allow attackers to steal passwords and encrypt users’ data. How to protect home computers and corporate systems from this threat?
Data theft during smartphone charging
Can your photos be viewed, stolen, or deleted when your smartphone is plugged into a public charging station? As it turns out — yes!
Gamers
Gamers beware: Trojans have invaded Steam
If you still think that Steam, Google Play, and the App Store are malware-free, then read this fascinating story about PirateFi and other hacker creations disguised as games.
How scammers attack young gamers
Autumn is here, kids are going back to school and also meeting up with friends in their favorite online games. With that in mind, we have just carried out one of our biggest ever studies of the threats young gamers are most likely to encounter.
Live hack: Apex Legends esports tournament scandal
Hackers have long been engaging with the gaming world: from cracking games and creating cheats, to, more recently, attacking esports players live during an Apex Legends tournament. Regarding the latter, we break down what happened and how it could have been avoided.
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
Business
Scammers exploiting Microsoft business notifications to launch attacks
This post examines a hybrid email-and-phone scam in which attackers send emails from a genuine Microsoft email address.
The ABCs of cyber-resilience
Businesses reaching the “acceptance stage”: given inevitable breaches — how to prepare for them?
Fake websites popping up in Google search ads
Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.
How Interlock attacks IT specialists with fake CAPTCHAs and ClickFix
We explore how cybercriminals are targeting IT specialists searching for a popular network scanner, using the Interlock ransomware attack as an example.
Migration to zero trust in practice – including the pitfalls
How organizations implement zero-trust principles, and what CISOs advise for project success.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Tips
Digital detox: How to take a safe break from screens
Planning a safe digital detox: a checklist to help prepare for a vacation and unwind in peace.
How to safely convert files
Online converters are a tempting but dangerous way to change file formats. We tell you how to convert files and not get trojanized.
Spam 101: what is spam, and how to defeat it
It feels as if spam is as old as the internet itself. The post looks at the money-making scams devised over the years, and how to avoid them today.
New Year’s resolutions for a cybersecure 2025
Mistakes to learn from in 2024 – and resolutions for a safer 2025.