vulnerabilities

Can a device be hacked when switched off? Recent studies suggest so. Let’s see how this is even possible.

New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.

The Department of Homeland Security is urging US federal agencies to “patch or remove” a list of VMware products within five days. Probably you should do it too.

Time to update Windows! Microsoft has released patches for several dozen vulnerabilities, one of which cybercriminals are actively exploiting.

Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.

If you use an iPhone, it’s crucial to always install the Safari and WebKit updates, even if your browser of choice is Chrome, Firefox or something else. Here’s why.

Researchers found critical vulnerability in Spring, a popular Java framework. Here’s how it works, why it’s dangerous and how to protect from it.

The recent Google Chrome update patches 10 high severity vulnerabilities and a dozen of less critical bugs. Time to update your browser!

Dangerous vulnerability in WebKit (CVE-2022-22620) is believed to be actively exploited by hackers. Update your iOS devices as soon as possible!

How to update Google Chrome right when you really need to, and what to do if you run into problems.

Does hardware vulnerabilities in CPU pose a practical threat to businesses?

Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer.

Microsoft patches more than a 100 vulnerabilities in Windows 10 and 11, Windows Server 2019 and 2022, Exchange Server, Office, and Edge browser.

Remembering 2021’s most interesting infosec events — in memes and tweets.

A look at what’s changed in the Matrix in the 18 years since the last update.

Even to the naked eye, the Matrix’s flawed implementation threatens the system’s stability and security.

Researchers discovered a critical vulnerability in Apache Log4j library, which scores perfect 10 out of 10 in CVSS. Here’s how to protect against it.

Researchers from Cambridge describe the Trojan Source method for inserting hidden implants in source code.

Kaspersky’s Ask the Analyst service will ease access to our expertise.

On October’s Patch Tuesday, Microsoft patched 71 vulnerabilities, several of which are particularly serious.

Our security technologies detected the exploitation of a previously unknown vulnerability in the Win32k driver.