iOSDangerous investments: App Store scammers
We’ve found several scam investment-apps in the App Store that dupe users out of personal information.
Latest
Three common attacks on Linux in homes
Even if you don’t know it, you probably have devices running Linux at home — and they need protection too! Here are three Linux threats that even IT professionals often forget about.
passwordsPassword storage as the cornerstone of security
How online services should store user passwords, and how to minimize the damage in the event of a leak or hack.
kidsBack-to-school threats: social networking
Kids use social networks and IMs a lot, and don’t keep in mind that the “internet remembers all”. How to reduce the digital footprint of your tiny beloved ones (even if they’re taller than you).
vulnerabilitiesSecurity of Electron-based desktop applications
A few words on why desktop applications based on the Electron framework should be approached with caution.
TechnologyThe Fediverse: what is it, what’s it for, and how does it work?
We explain what the Fediverse is, how it works, where you can experience it today, and what to expect in the future.
Self-evaluation questionnaire phishing scam
Attackers invite employees to complete fake self-evaluations to steal corporate credentials.
Unlocking the AI Pandora’s box: APAC Cybersecurity Weekend 2023 Uncovered
Dive into the depths of AI’s promised game-changing effects and also its perils, emerging AI threats, and our CEO’s vision for cyber immunity at our APAC Cybersecurity Weekend 2023.
How to lessen the workload on the CISO and their team
What tasks needlessly overload infosec experts, and how to break the curse of overtime.
Gamers
Mario Forever, malware too: a free game with a miner and Trojans inside
Malicious versions of the free-to-download game Super Mario 3: Mario Forever plant a miner and a stealer on gamers’ machines.
Minecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
The Phantom Menace: how gamers of different ages are being attacked
Why scammers are more likely to target kids than hardcore gamers, how they do it, and what they want to steal
The true cost of gaming
Our research reveals gamers’ attitudes toward computer performance — and the ethics of winning and losing.
Where did that game cheats video on your YouTube channel come from?
The RedLine Trojan stealer spreads under the guise of cheats for popular games and posts videos on victims’ YouTube channels with a link to itself in the description.
$2 million inventory hacked in CS:GO
An unnamed hacker allegedly stole two million dollars’ worth of items from a CS:GO player’s backpack and has already started auctioning off the items.
Attack on Cities: Skylines — malicious code in a virtual city
We explain why game mods can be dangerous, using as an example malicious mods for Cities: Skylines.
Dangerous vulnerability in Dark Souls III videogame
Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.
Business
Wrong system time and insecure Secure Time Seeding
Why the Windows system time can suddenly change, and how to stop it from happening.
How to stop your site from being a partner in crime
Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.
OSINT: what’s the danger, and how to stay safe
We explain what OSINT is, why it has to be front-of-mind at all times, and how to guard against hackers using it.
tipsWhat to patch first: prioritizing updates
Some thoughts on what PC software patches should be prioritized and why.
The security aspect of employee offboarding
Offboarded employees often retain access to work information. What are the risks, and how to deal with them?
Zenbleed: new hardware vulnerability in AMD CPUs
Explaining an issue in popular PC and server CPUs in simple terms.
I firmly believe that the concept of cybersecurity will soon become obsolete, and cyberimmunity will take its place.
Eugene Kaspersky
Business
Popular
Critical vulnerability in Apache Log4j library
Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.
Case study: fake hardware cryptowallet
Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.
Five things to update ASAP
Prioritize updating the apps that keep your devices and personal data safe from cyberattacks.
Update iOS, there is a dangerous vulnerability in WebKit
Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!
What to do if you lose your phone with an authenticator app
Can’t sign in to an account because your authenticator app is on a lost phone? Here’s what to do.
Infected Android app store
The APKPure app store has been infected by a malicious module that downloads Trojans to Android devices.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
Who’s in your Facebook and Instagram accounts?
What to do if you receive a notification about a suspicious login to your Facebook or Instagram account.
Tips
Know your personal threat landscape
You can apply the concept of a threat landscape as used in corporate security to yourself to make it easier to stay protected.
Why you should set up secure DNS – and how
Have you ever come across the words Secure DNS or Private DNS in your smartphone settings and security apps? It’s best to keep this feature enabled – it has many advantages.
How to avoid online recruitment scams in 2023
Received an attractive job offer from a stranger? Be careful! It could be a scam…