Why the Path Towards Zero Trust Starts with Next-Gen Access
Zero Trust Security has gained a lot of popularity over the last six months. Almost daily you can read articles about this security strategy...
Engineering deep dive: Encoding of SCTs in certificates
Let’s Encrypt recently launched SCT embedding in
certificates.
This feature allows browsers to check that a certificate was submitted to a
Certificate Transparency
log. As part of the...
Pocket cryptofarms
In recent months, the topic of cryptocurrency has been a permanent news fixture — the value of digital money has been see-sawing spectacularly. Such...
GDPR and Privacy: How to Earn the Trust of Your Customers and Keep Regulators...
Customer data is the lifeblood of any organisation and the key to unlocking sales and growth. But the data you hold and how you...
Your new friend, KLara
While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data...
Old Dog, New Targets: Switching to Windows to Mine Electroneum
Apache Struts 2 Jakarta Multipart Parser RCE crypto-mining campaign is now targeting Windows, not just Linux systems. - Read more
Real-Life Exposed Privileged Identity Theft
Have you ever had your identity stolen? Credit cards obtained under your name that were not yours?
Most of us have, and what a pain...
Threat Landscape for Industrial Automation Systems in H2 2017
For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and...
Six Reasons to Experience Zero Trust Security in Centrify Booth 501 at RSA
In case you hadn’t heard, the 2018 RSA Conference will be held April 16-19 at the Moscone Center in San Francisco. If you haven’t...
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
