Business

678 articles

Six key areas for cost-effective development of a company's information security function in 2025, with a focus on budget optimization

CISO priorities in 2025

Analyzing the popular CISO MindMap from an economic efficiency perspective.

Protecting against attacks in ZIP, RAR, CAB, MSI, ISO and other archives

Security measures for handling archive files in organizations

Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?

Scammers exploiting GetShared for phishing attacks

Scammers are exploiting GetShared to bypass email security.

Polyglot technique for disguising malware

When files are not what they seem

Attackers use the polyglot technique to disguise malware. We explain what it is and how to protect your company against attacks.

A ransomware attack through an IP camera

Fending off ransomware attacks that exploit corporate IoT devices.

AI technologies in Kaspersky SIEM

How and why we deploy artificial intelligence in our SIEM system.

CVE-2025-2783 in Operation ForumTroll APT attack

Operation ForumTroll: APT attack via zero-day vulnerability

Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.

Fog ransomware publishes victim’s IP-addresses

Cybercriminals behind the Fog ransomware publish leaked data along with the IP addresses of attacked computers.

Attack on DevOps: secrets leaked via malicious GitHub Action

How to respond to a compromised GitHub changed-files Action incident.

Update your VMware ESXi products now to patch these three critical vulnerabilities from 2025

Three VMware vulnerabilities: key risks and urgent patches

Reasons for updating your ESXi infrastructure ASAP, and enterprise threats that VM escape poses.

Main vulnerabilities from Microsoft's March Patch Tuesday

Six Microsoft vulnerabilities being actively exploited

Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.

Technology to check QR codes for phishing

Checking QR codes in emails

We’ve added technology that checks QR codes in emails for phishing links.

What events to collect on computers for monitoring complex threats

What events help an MDR service detect attacks?

What information does an MDR service need to protect a company from complex targeted attacks?

Attack on Google OAuth using abandoned domains

A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.

How to optimize and safely scan huge file storage for infections

How to safely scan large file storage for malware

A step-by-step guide to scanning disk arrays weighing tens of terabytes with the aid of Kaspersky products.

Auto-Woodpecker’s anniversary!

What is Auto-Woodpecker, and what does it have to do with AI?

The complete story of the 2024 ransomware attack on UnitedHealth

UnitedHealth ransomware attack

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.

XMRig miner as a New Year’s gift

Just a few hours before 2025, we recorded a surge in cryptominer distribution through video games. Interestingly, not only home PCs but also corporate machines were affected.

SLAP and FLOP vulnerabilities in Apple CPUs

SLAP and FLOP: Complex vulnerabilities in Apple CPUs

New research demonstrates for the first time how hardware vulnerabilities in modern CPUs can be exploited in practice.

Supply-chain attacks in 2024

We look at the most notable supply-chain attacks of 2024.

Ransomware: the most notable attacks of 2024

$3 billion worth of damage to healthcare insurance giant, schools closed, soccer club players’ data leaked, and other ransomware incidents in 2024.

Privacy & Kids