Business

Researchers have discovered a vulnerability in the 7-Zip file archiver software.

The complete story of the hype, panic, and misunderstanding surrounding attacks on cryptographic algorithms using quantum computers.

Dangerous features are creeping into legitimate Chrome extensions. How to keep your organization safe?

Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk?

European researchers have discovered a vulnerability in AMD processors that can be exploited by modifying RAM modules.

How to estimate what and how much hardware will be needed for a SIEM system to assess the costs before deployment?

Kaspersky specialists, in collaboration with external experts, have formulated some key guidelines for safe and legal use of AI.

Cybercriminals distributing the Mamont banker under the guise of an application for tracking the delivery of goods at wholesale prices.

How a simple, well-known general threat became a key targeted-attack vector on companies.

We discuss the recently discovered Nearest Neighbor attack method, which enables attackers to compromise a Wi-Fi network from the other side of the world.

What IT and cybersecurity leaders need to know about implementing network detection and response.

Detection of tactics involving malicious DLL registration and other Kaspersky SIEM improvements in Q4 2024.

Hidden logic, data poisoning, and other targeted attack methods via AI systems.

The patch that fixes CVE-2024-49040 in Microsoft Exchange is temporarily unavailable. We’ve implemented heuristics that detect attempts to exploit it.

Malicious packages for AI integration containing infostealer malware were found in the Python Package Index repository.

A vulnerability that permits bypassing authentication has been found in a popular security hardening plugin for WordPress.

Exploitation of vulnerability CVE-2024-43451 allows an attacker to steal an NTLMv2 hash with minimal interaction from the victim.

Analyzing incidents and drawing lessons from them should be an integral part of the incident response process. This can help improve the overall security level of a company.

Discontinuing mandatory password rotations, banning outdated MFA methods, and other updates in the NIST SP 800-63 standards for digital account authentication and management.

Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.

Hackers continue to target developers: during a fake job interview, they ask “potential employees” to run a script from GitHub that hides a backdoor.