Still Stealing

Two years ago in October 2015 we published a blogpost about a popular malware that was being distributed from the Google Play Store. Over...

Looking Forward to 2018

Let’s Encrypt had a great year in 2017. We more than doubled the number of active (unexpired) certificates we service to 46 million, we...

Cybercriminals vs financial institutions in 2018: what to expect

Introduction – key events in 2017: 2017 was a year of great changes in the world of cyberthreats facing financial organizations. Firstly, in 2017...

Kaspersky Security Bulletin: Review of the Year 2017

Introduction: The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the...

Kaspersky Security Bulletin: Story of the year 2017

Introduction: what we learned in 2017. In 2017, the ransomware threat suddenly and spectacularly evolved. Three...

Achieving Multi-Dimensional Security Through Information Modeling—Unwrapping Controls Part 4

In Part 3 of this blog series, we demonstrated modeling the threat landscape along with executive threat-modeling. In this blog, we discuss the importance...

IoT lottery: finding a perfectly secure connected device

Black Friday and Cyber Monday are great for shopping. Vendors flood the market with all kinds of goods, including lots of exciting connected devices...

A CISO Landmine: No Security Awareness Training

CISOs who fail to prioritize security awareness training are putting their business and assets at serious risk.

What Happens to Encryption in a Post-Quantum Computing World?

As the possibility of quantum computing draws nearer, changes to today’s TLS key exchange algorithms will be required.

ACME Support in Apache HTTP Server Project

We’re excited that support for getting and managing TLS certificates via the ACME protocol is coming to the Apache HTTP Server Project (httpd). ACME...

Latest article

Chromium: CVE-2026-13027 Use after free in FileSystem

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information.

Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more

Help shape the future of Metasploit Framework: We are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...

New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets

A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...

Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data

Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.