Cybersecurity

We share the results of assessing the effectiveness of Kaspersky SIEM in real-world infrastructures and explore common challenges and solutions to these.

Kaspersky expert describes how DCOM interfaces can be abused to load malicious DLLs into memory using the Windows Registry and Control Panel.

Kaspersky experts detail the journey of the victims’ data after a phishing attack. We break down the use of email-based phishing kits, Telegram bots, and customized administration panels.

Kaspersky expert describes the Zigbee wireless protocol and presents two application-level attack vectors that allow Zigbee endpoints to be turned on and off.

We analyze the network activity of the Mythic framework, focusing on agent-to-C2 communication, and use signature and behavioral analysis to create detection rules for Network Detection and Response (NDR) solutions.

This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025.

Kaspersky experts break down the recent BetterBank incident involving ESTEEM token bonus minting due to the lack of liquidity pool validation.

Kaspersky researchers identified over 2000 unique hashtags across 11,000 hacktivist posts on the surface web and the dark web to find out how hacktivist campaigns function and whom they target.

With the end of Windows 10 support approaching, we discuss which forensic artifacts in Windows 11 may be of interest.

An expert at the Kaspersky AI expertise center explains how the team developed a machine-learning model to identify DLL hijacking attacks.

We will tell you how we integrated a DLL Hijacking detection model into the Kaspersky SIEM platform and how it helped us uncover several incidents in their early stages.

Kaspersky experts share insights into how AmCache may prove useful during incident investigation, and provide a command line tool to extract data from this artifact.

Kaspersky experts discuss the Model Context Protocol used for AI integration. We describe the MCP’s architecture, attack vectors and follow a proof of concept to see how it can be abused.

Kaspersky experts explain the different types of cookies, how to configure them correctly, and how to protect yourself from session hijacking attacks.

We analyze the built-in protection mechanisms in macOS: how they work, how threat actors can attack them or deceive users, and how to detect such attacks.