Security assessment of corporate information systems in 2017
Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general...
Spam and phishing in Q2 2018
Quarterly highlights
GDPR as a phishing opportunity
In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect...
Implementing Modern Approaches to Database Authentication and Authorization
The most common question I hear about Database Accounts is, “Can your solution vault Database Service and other Privileged Database Accounts?”
Every time I hear...
How to Authenticate Users Into Apps Using AWS Application Load Balancer and Centrify
At Centrify, an AWS Partner Network (APN) Advanced Technology Partner, we frequently work with developers building applications on Amazon Web Services (AWS). While many aspects of app...
Centrify Zero Trust Security Network Partners Highlighted at BlackHat USA 2018 Booth 2410
This week, BlackHat USA commemorates its 21st year, taking over the Mandalay Bay Convention Center in Las Vegas to present trainings as well as...
IT threat evolution Q2 2018
Targeted attacks and malware campaigns
Operation Parliament
In April, we reported the workings of Operation Parliament, a cyber-espionage campaign aimed at high-profile legislative, executive and judicial...
IT threat evolution Q2 2018. Statistics
Q2 figures
According to KSN:
Kaspersky Lab solutions blocked 962,947,023 attacks launched from online resources located in 187 countries across the globe.
351,913,075 unique URLs were...
Let’s Encrypt Root Trusted By All Major Root Programs
As of the end of July 2018, the Let’s Encrypt root, ISRG Root X1, is directly trusted by Microsoft products. Our root is now...
MFA Everywhere: A Tried and True Method in Accelerating Security
While phishing attacks continue to jeopardize today’s organizations (a reported 76% of organizations experienced phishing attacks in 2017), it was refreshing to hear that...
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
