Business

763 articles

AI assistant in Kaspersky Container Security

Another look inside the container

The latest update to Kaspersky Cloud Workload Security adds support for an AI assistant for image analysis.

CVE-2026-3102: macOS ExifTool image-processing vulnerability

The ExifTool vulnerability: how an image can infect macOS systems

An in-depth analysis of CVE-2026-3102, a vulnerability posing a potential threat to anyone processing images on a Mac.

Cloudless malware attribution

What is the purpose of a local version of the Kaspersky Threat Attribution Engine, and how to hook it up to IDA Pro?

Finger, DNS-lookup, captcha, and other ways ClickFix techniques is being used in real world attacks.

Variations of the ClickFix

Various cases of the ClickFix technique used in real world attacks.

Phishing via Google Tasks

Attackers are delivering phishing links via Google Tasks notifications.

OpenClaw threats: assessing the risks, and how to handle shadow AI

What corporate security teams should do about the “viral” AI agent.

Which cybersecurity terms your management might be misinterpreting

Risks, vulnerabilities, and zero trust: key terms the CISO and the board must agree on

Breaking down core cybersecurity terms that colleagues often interpret differently or incorrectly.

Rules for detecting exploitation of vulnerabilities in FortiCloud SSO

How to detect FortiCloud SSO authentication bypass

Kaspersky SIEM got a set of correlation rules for detecting attempts to exploit vulnerabilities for authentication bypass in Fortinet products.

How does cyberthreat attribution help in practice?

The practical value of cyberthreat attribution

Why is it useful to attribute malware to a specific hacker group?

Detecting account compromise with SIEM

Detecting attacks related to compromised accounts with AI and other updates in Kaspersky SIEM.

Essential agentic AI security measures based on the OWASP ASI Top 10

AI agents in your organization: managing the risks

The top-10 risks of deploying autonomous AI agents, and our mitigation recommendations.

What is the Epochalypse, also known as the "year 2038 problem", and how can businesses fix it?

Epochalypse Now — or how to deal with Y2K38

What is the year 2038 problem — also known as “Unix Y2K” — and how to prepare corporate IT systems for it?

Why businesses need to track down their evil digital twins

Crooks are impersonating your brand to attack customers, partners, and employees. How do you spot — and stop — an attack of the clones?

Trust but verify: how we set the standard for transparency and trust

Who can you trust in the cybersecurity solutions market? Fourteen major vendors were compared in terms of transparency, security management, and data-handling practices – and guess which was a leader across the board?!…

ForumTroll targets political scientists

GReAT experts have analyzed a new targeted campaign by the ForumTroll APT group.

Malware hiding in a 3D model

How automation turns legitimate tools into a channel for malware delivery.

CVE-2025-55182 vulnerability in React and Next.js

React4Shell vulnerability: protecting web servers from CVE-2025-55182

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?