Tag: kaspersky
57 articles

GoSerpent Malware Targets Southeast Asian Governments for Espionage
A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

Kaspersky Compromise Assessments Reveal Persistent Detection Gaps
Kaspersky's 2025 Compromise Assessment analysis reveals a shocking truth: 60% of incidents go undetected due to a lack of reliable alerts from existing tools, while manual detection accounts for only 20% of discovered threats. This blind spot allows threats to hide for alarmingly long periods, with 30.8% of incidents having a dwell time of over three months.

Mexico's Public Wi-Fi Exposes Security Risks Ahead of 2026 World Cup
Mexico's public Wi-Fi networks are leaving users vulnerable to security threats, with a staggering 84,588 signals and 69,473 unique network identifiers detected in high-traffic areas across the country. This alarming discovery comes as Mexico prepares to host the 2026 World Cup, highlighting the urgent need for improved cybersecurity measures.

Docker Images Expose Hidden Vulnerabilities
Docker containers are a top target for attackers, with a recent analysis of 100 popular Docker Hub images revealing that 64 contained critical flaws due to outdated software versions. Only one in ten images was fully up to date, leaving a vast majority vulnerable to predictable and dangerous exposures.

ExifTool Flaw Exposes Macs to Arbitrary Command Execution
A newly discovered vulnerability in ExifTool, known as CVE-2026-3102, left Macs open to hackers who could exploit it to run malicious commands by hiding them in image metadata. This flaw allowed attackers to take control by slipping instructions into seemingly harmless image files.

Ransomware Evolves With Post-Quantum Encryption, New Extortion Tactics
Ransomware attacks may be on the decline, but don't let your guard down - attackers are getting smarter, ditching encryption, and selling stolen data, with the manufacturing sector alone losing a whopping $18 billion in just three quarters. The threat may have evolved, but the damage and risk remain very real.

xrdp Vulnerability Exposes Remote Code Execution Risk
A critical vulnerability, CVE-2025-68670, was discovered in the xrdp remote desktop server, allowing for remote code execution - a flaw that was thankfully patched in January 2026. This security risk was found during a routine audit, highlighting the importance of regular security checks to protect against potential threats.

MD5 Password Hashes Cracked in Under an Hour
In a shocking test, Kaspersky researchers cracked 60% of 231 million MD5 password hashes in under an hour using just one high-powered graphics card, revealing the alarming vulnerability of even the most seemingly secure passwords. This unsettling experiment highlights the urgent need for stronger password protection.

Kaspersky Exposes Web Filtering Category for Sites with Undefined Trust Levels
Kaspersky has introduced a new web-filtering category for sites that just don't feel right - they're not quite phishing sites, but you still shouldn't trust them. The new "Sites with an undefined trust level" category helps keep you safe from manipulative or shady online resources.

Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack
If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to protect your organization.

Kaspersky Uncovers DAEMON Tools Supply Chain Attack
Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

Lotus Wiper Malware Disrupts Venezuelan Energy Sector
Cybersecurity researchers uncovered a highly destructive malware, known as Lotus Wiper, that was used to disrupt Venezuela's energy sector in a targeted attack. This powerful data wiper was deployed in a series of devastating attacks at the end of 2025 and beginning of 2026.

Lotus Malware Targets Venezuelan Energy Firms with Data-Wiping Attacks
A new, highly destructive malware called Lotus has been targeting Venezuela's energy sector, leaving systems completely unrecoverable after wiping data and disabling recovery mechanisms. This devastating attack systematically deletes files and overwrites physical drives, causing irreversible damage.

Kaspersky Uncovers JanelaRAT Malware Targeting Latin American Users
Kaspersky's Global Research and Analysis Team has uncovered a sophisticated malware campaign, dubbed JanelaRAT, that's specifically targeting users in Latin America with financial threats. This evolved malware has been detailed in a recent report, revealing its updated functionality and infection chain.

Kaspersky Report Warns of Evolving Financial Cyberthreats
Stay ahead of financial cyber threats with Kaspersky's expert report, which reveals the latest trends and patterns from 2025 and offers a crucial outlook for 2026. Discover how phishing, PC malware, and infostealers are shaping the threat landscape and what it means for your financial security.

Kaspersky Uncovers Horabot Campaign Targeting Mexico
Kaspersky's Security Operations Center has uncovered a complex Horabot campaign targeting Mexico, and is now sharing crucial insights on how it works and how to detect it. This critical threat intelligence will help defenders in Mexico and beyond prioritize their resources and stay one step ahead of the threat.

Kaspersky Report Exposes Shifting Cyberattack Landscape
Get ready to face the future of cyber threats! The Kaspersky Security Services report delivers eye-opening insights into the evolving cyberattack landscape, combining real-world incident response findings with hard data from its Managed Detection and Response service.

Kaspersky Uncovers Coruna Exploit Kit Linked to Operation Triangulation
Kaspersky's researchers have made a significant discovery: the Coruna exploit kit, now targeting iPhones, uses an updated kernel exploit linked to the notorious Operation Triangulation. This finding highlights the evolving threat landscape, where offensive code is repurposed to target new devices.

Kaspersky Uncovers CrystalX RAT with Extensive Spyware and Stealer Capabilities
Meet CrystalX, a sinister new remote-access tool that's being sold as a ready-made menace, packing an alarming combination of spyware, stealer, and prankware capabilities that put your digital security at risk. This malicious toolkit is the latest threat to watch out for, and Kaspersky researchers are sounding the alarm.

Mustang Panda Exclusive: Signed Rootkit Threatens Systems
Think a signed driver means its safe? Kaspersky uncovered Mustang Panda using a legitimately signed rootkit to load the TONESHELL backdoor and bypass defenses—proof that a signed rootkit can be weaponized to gain kernel‑level control.

RevengeHotels malware: Stunning, Dangerous AI Comeback
Kaspersky warns that RevengeHotels has resurfaced, now using AI to churn out highly convincing fake booking pages and tailored phishing messages that quietly steal card details. Travelers and hotels should double-check booking links, vet payment workflows, and monitor transactions closely to avoid getting burned.

China Cyber Espionage Africa: Stunning Critical Risk
As Africa’s digital services boom, a China-linked group tied to APT41 has been quietly targeting government networks and critical infrastructure—stealing data and eroding public trust. Strengthening cybersecurity, building local talent, and boosting regional cooperation are urgent steps to protect citizens and preserve digital sovereignty.

China cyber espionage: Stunning Threat to Africa
As African governments rapidly digitize, startling new research linking APT41—widely tied to China—to precise, long-running intrusions shows our digital services and citizens’ data are suddenly on the frontline of global espionage. It’s a wake-up call: without stronger defenses, collaboration, and local expertise, nations risk costly breaches that undermine security, economies, and public trust.

AsyncRAT Code Release Drives Global Rise in Malware Threats
When a powerful open-source tool like AsyncRAT falls into the wrong hands, it can quickly transform from a helpful remote admin app into a global malware menace—fueling a surge of cyberattacks that threaten industries worldwide.