Analysis of user password strength
Kaspersky experts conducted a study of password resistance to attacks that use brute force and smart guessing techniques. Continue reading Analysis of user password strength
Collaborate Disseminate
Kaspersky experts conducted a study of password resistance to attacks that use brute force and smart guessing techniques. Continue reading Analysis of user password strength
We performed the security analysis of a Telit Cinterion modem in course of a bigger project of security assessment of a popular model of a truck and found eight vulnerabilities. Continue reading Cinterion EHS5 3G UMTS/HSPA Module Research
The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities found in it. Continue reading QR code SQL injection and other vulnerabilities in a popular biometric terminal
This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration. Continue reading A journey into forgotten Null Session and MS-RPC interfaces
Enterprises spend enormous effort fixing software vulnerabilities that make their way into their publicly-facing applications. The Consortium for Information and Software Quality estimates that the cost of poor software quality in the United States rea… Continue reading Finding software flaws early in the development process provides ROI
Our Security assessment team set up rankings that reflected our take on the most widespread and critical web application vulnerabilities as viewed through a prism of eight years’ experience. Continue reading Top 10 web application vulnerabilities in 2021–2023
Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed ResumeLooters, successfully infected at least 65 websites between November and December 2… Continue reading ResumeLooters target job search sites in extensive data heist
This paper aims to provide guidance for organizations looking to select an MSSP and help to identify the benefits and drawbacks of using an MSSP. Continue reading Selecting the right MSSP: Guidelines for making an objective decision
What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project? Continue reading Good, Perfect, Best: how the analyst can enhance penetration testing results
Any organization that’s actively working on managing its cybersecurity risk can’t ignore the risk that goes with third-party vendors having access to its critical systems and customer data. “Up until today, organizations of all sizes … Continue reading MVSP: A minimum cybersecurity baseline to simplify vendor security assessment