All posts

A matter of triangulation

Targeted attack on our management with the Triangulation Trojan.

Brute-forcing a fingerprint-protected smartphone

BrutePrint: bypassing smartphone fingerprint protection

Android fingerprint protection isn’t that reliable after all: it can be brute-forced even without a copy of your fingerprint.

Safeguards against firmware signed with stolen MSI keys

MSI leak: tips for users, organizations, and developers

Now anyone can sign device firmware with MSI private keys. This represents a long-term persistent risk to be considered by all users.

What is multi-factor authentication?

What multi-factor authentication is, why you should use it, and what “factors” there are.

The personal threat landscape: securing yourself smartly

Know your personal threat landscape

You can apply the concept of a threat landscape as used in corporate security to yourself to make it easier to stay protected.

Creating a realistic isolated environment for threat intelligence and analysis

Making a better sandbox

The effectiveness of a sandbox largely depends on its ability to realistically imitate a working environment.

Public and private clouds compared for risks and costs

Brief cheat-sheet on cloud types and their risks

Сloud technologies differ in terms of both costs and risks. What cloud type should you choose, and how should you begin your migration?

Security risks associated with the new .zip and .mov domains

Beware the .zip and .mov domains!

Website names in the ZIP and MOV domains are indistinguishable from file names. How will this affect IT systems, and what will threat actors do?

New hardware vulnerability in Intel processors

A brief, plain-language explanation of an advanced method of data theft using features of modern CPUs.

Here’s how we should approach artificial intelligence

It’s obvious already that AI needs regulating, but how? Here’s Eugene Kaspersky telling us how he sees it.

ChatGPT jailbreaks

How Lord Voldemort helps hack neural networks.

How the A-GPS in your smartphone works, and whether Qualcomm is tracking you

Are geolocation services spying on you?

Learn how geolocation services work, and who learns of your location when your smartphone pins it down.

How to get ready for deepfake threats

Cybercriminals are increasingly using deepfakes in attacks against companies. What can we do to be safer?

The most popular ways to launder cryptocurrency

How cybercriminals launder dirty crypto

Crypto mixers, nested exchanges, cash-out and other crypto-laundering methods used by ransomware operators.

What threatens smart devices, and how microkernel OSs can help protect them.

Microkernel OSs against threats to smart devices

Why such OSs are gaining more significance in markets in need of security.

How real is deepfake threat?

Understanding the mechanics of the darknet deepfake industry.

Review and analysis of fake Trezor cryptowallet

Case study: fake hardware cryptowallet

Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.

Microsoft buried Internet Explorer. But not completely — again

Internet Explorer is finally dead. Or is it?

In its February update, Microsoft buried Internet Explorer once and for all. Or did it? We investigate what really happened.

A look at cybersecurity issues in season 3 of The Mandalorian show.

Cybersecurity in season 3 of The Mandalorian

As per tradition, on May 4, we review the status of cybersecurity in a galaxy far, far away.

How to choose a browser that spies on you less

Private browsers: a beginner’s guide

Alternatives to Google Chrome that take data privacy more seriously.

Purging your company’s LinkedIn page of fake employees

Fake accounts on LinkedIn: time for a purge

Why you should purge your company’s LinkedIn page from fake employee profiles, and how to do it.

Privacy & Kids

TARGETED SECURITY SOLUTIONS