Business

657 articles

Kaspersky's experts studied adverts on the darkweb and found out how much access to your company's infrastructure can cost.

Initial access market analysis

Our experts studied the shadow market for initial access to corporate infrastructure.

Most prevalent adversarial techniques applied in 2021 incidents

Kaspersky Managed Detection and Response experts identified the adversarial techniques that were most prevalent cybersecurity incidents in 2021.

The LuoYu APT group distributes and controls the WinDealer malware through a man-on-the-side attack.

WinDealer: spyware with a peculiar delivery mechanism

Our experts studied the WinDealer malware created by the LuoYu APT group.

CVE-2022-30190 aka Follina, a recently found vulnerability in the Windows Support Diagnostic Tool (MSDT), can be exploited via office documents.

Follina: office documents as an entrance

New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.

How to improve smart car apps

After conducting a thorough study of applications for connected cars, our experts highlighted a number of flaws of such software.

Key incident response skills

What should an incident response specialist be able to do and how can they improve their skills?

Critical vulnerabilities in VMWare products

DHS recommends patching VMware, probably you should too

The Department of Homeland Security is urging US federal agencies to “patch or remove” a list of VMware products within five days. Probably you should do it too.

How to avoid becoming a ransomware victim a second time

How to prevent a ransomware attack from happening again?

For Anti-Ransomware Day, we decided to publish few tips that will help your company avoid falling victim to ransomware for a second time.

Time to update Windows! Microsoft released patches for several dozen of vulnerabilities, including CVE-2022-26925 that is being actively exploited by cybercriminals.

Actively exploited vulnerability in Windows

Time to update Windows! Microsoft has released patches for several dozen vulnerabilities, one of which cybercriminals are actively exploiting.

Is your mic really muted?

We cite an interesting study on how the mute button actually works in teleconferencing services, and discuss privacy in the web conferencing era.

Malware in e-mail on the rise

Malicious spam campaign targeting organizations grows 10-fold in a month, spreads Qbot and Emotet malware.

Decryptor for Yanluowang malware

Our cryptanalysts have found a way to decrypt files encrypted by Yanluowang.

BlackCat — new player in the ransomware business

Our experts investigated the activity and studied tools of ransomware gang BlackCat.

128 vulnerabilities in Microsoft products

A bunch of vulnerabilities in Windows, one already exploited

Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.

Anti-ransomware strategy

Practical tips for protecting companies from ransomware.

How to choose an XDR vendor

What to look for when choosing an XDR vendor.

Spring4Shell: critical vulnerability in Spring Java framework

Researchers found critical vulnerability in Spring, a popular Java framework. Here’s how it works, why it’s dangerous and how to protect from it.

Does your organization need extended detection and response (XDR) class protection?

Does your organization need XDR?

Answers to basic questions about extended detection and response.

What are the possible consequences of Okta hack?

Hackers from Lapsus$ group claim they breached Okta, a major provider of access management systems.

Ransomware as a distraction

HermeticRansom cryptor was used as a distraction to support HermeticWiper attacks.

Password reset notification scam

Anti-phishing lessons: what company employees should know about fake notifications about account security.

Privacy & Kids