Business

What is Auto-Woodpecker, and what does it have to do with AI?

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.

Just a few hours before 2025, we recorded a surge in cryptominer distribution through video games. Interestingly, not only home PCs but also corporate machines were affected.

New research demonstrates for the first time how hardware vulnerabilities in modern CPUs can be exploited in practice.

We look at the most notable supply-chain attacks of 2024.

$3 billion worth of damage to healthcare insurance giant, schools closed, soccer club players’ data leaked, and other ransomware incidents in 2024.

What network-security and access-control tools do the world’s top cyber-regulators recommend to companies?

Researchers have discovered a vulnerability in the 7-Zip file archiver software.

The complete story of the hype, panic, and misunderstanding surrounding attacks on cryptographic algorithms using quantum computers.

Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk?

How to estimate what and how much hardware will be needed for a SIEM system to assess the costs before deployment?

Kaspersky specialists, in collaboration with external experts, have formulated some key guidelines for safe and legal use of AI.

Cybercriminals distributing the Mamont banker under the guise of an application for tracking the delivery of goods at wholesale prices.

How a simple, well-known general threat became a key targeted-attack vector on companies.

We discuss the recently discovered Nearest Neighbor attack method, which enables attackers to compromise a Wi-Fi network from the other side of the world.

What IT and cybersecurity leaders need to know about implementing network detection and response.

Detection of tactics involving malicious DLL registration and other Kaspersky SIEM improvements in Q4 2024.

Hidden logic, data poisoning, and other targeted attack methods via AI systems.

The patch that fixes CVE-2024-49040 in Microsoft Exchange is temporarily unavailable. We’ve implemented heuristics that detect attempts to exploit it.

Malicious packages for AI integration containing infostealer malware were found in the Python Package Index repository.

A vulnerability that permits bypassing authentication has been found in a popular security hardening plugin for WordPress.