Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, language, and content which may be neither appropriate nor appealing to certain readers. READER DISCRETION is advised.
Showing posts with label cybersecurity. Show all posts

04 October 2025

Newsletter: Introducing Kaspersky Next XDR Optimum: cutting-edge cybersecurity designed for medium-sized businesses

[THIS IS A PRESS RELEASE]

Kaspersky is strengthening its flagship product line, Kaspersky Next, with two new innovative solutions: Kaspersky Next XDR Optimum and Kaspersky Next MXDR Optimum, designed specifically for small and mid-sized businesses. These products offer powerful protection, automated response capabilities, easy deployment, and managed security, enabling organizations to effectively combat modern threats and minimize risks without stretching their existing resources.

As cyber threats grow increasingly complex and costly, mid-sized businesses find themselves facing sophisticated attacks that exploit legitimate tools and use advanced tactics to evade detection. At the same time, limited budgets and a shortage of skilled cybersecurity personnel make it difficult to deploy and manage advanced protective measures. To help these businesses protect themselves effectively without breaking the bank, Kaspersky has developed easy-to-use and highly effective solutions: Kaspersky Next XDR Optimum and Kaspersky Next MXDR Optimum. 

20 September 2025

Newsletter: Trend Micro pushes for proactive cybersecurity at DECODE 2025: Maximize Momentum

[THIS IS A PRESS RELEASE]

Leading cybersecurity company Trend Micro recently concluded its annual free-for-all cybersecurity conference DECODE 2025: Maximize Momentum. Now in its ninth year, DECODE 2025 was attended by over 600 cybersecurity professionals and featured a variety of talks led by local and global industry experts, hands-on activities, and engaging demonstrations highlighting the current state of the cybersecurity landscape.

30 August 2025

Newsletter: Acronis Report Finds AI-Powered Phishing and Social Engineering Fueling Surge in Ransomware

[THIS IS A PRESS RELEASE]

Acronis, a global leader in cybersecurity and data protection, today released the findings of the Acronis Cyberthreats Report H1 2025, detailing the most popular threat vectors, active threat groups, and targeted industries in the first half of 2025. Ransomware remains the major threat for large and medium-sized businesses, with new groups increasingly leveraging AI to automate their activities – phishing accounted for 25% of all attacks and 52% of attacks targeting MSPs, a 22% increase compared to 1H 2024.

05 July 2025

Newsletter: Kaspersky has discovered SparkKitty: a new Trojan spy on App Store and Google Play

[THIS IS A PRESS RELEASE]


Kaspersky researchers have discovered a new Trojan spy called SparkKitty which targets smartphones on iOS and Android. It sends images from an infected phone and information about the device to the attackers. This malware was embedded in apps related to crypto and gambling, as well as in a trojanized TikTok app, and was distributed on App Store and Google Play, as well as on scam websites. Experts suggest that the goal of the attackers is to steal cryptocurrency assets from residents of Southeast Asia and China. Users in the Philippines are also potentially at risk of facing a similar cyber threat. 

Kaspersky has notified Google and Apple about the malicious apps. Certain technical details suggest that the new malware campaign is linked to the previously discovered SparkCat Trojan — malware (the first of its kind on iOS) with a built-in optical character recognition (OCR) module that allows it to scan image galleries and steal screenshots containing cryptocurrency wallet recovery phrases or passwords. The SparkKitty case is the second time in a year that Kaspersky researchers have found a Trojan stealer on App Store, following SparkCat.

iOS

On App Store, the Trojan pretended to be an app related to cryptocurrencies — 币coin. On phishing pages mimicking the official iPhone App Store, the malware was distributed under the guise of TikTok and gambling applications.

An alleged crypto exchange app, 币coin, on App Store


A webpage mimicking AppStore to install an alleged TikTok app through developer tools


A fake web store embedded into the alleged TikTok app

"One of the vectors for the Trojan's distribution turned out to be fake websites where the attackers tried to infect the victims' iPhones. iOS has several legitimate ways to install programs not from the App Store. In this malicious campaign, the attackers used one of them — special developer tools for distributing corporate business applications. In the infected version of TikTok, during authorization, the malware, in addition to stealing photos from the smartphone gallery, embedded links to a suspicious store in the person's profile window. This store only accepts cryptocurrencies, which increases our concerns about it,” explains Sergey Puzan, a malware expert at Kaspersky.

Android

The attackers targeted users both on third-party websites and on Google Play, passing off the malware as various crypto services. For example, one of the infected applications — a messenger called SOEX with a cryptocurrency exchange function — was downloaded from the official store over 10,000 times. 

An alleged crypto exchange app, SOEX, on Google Play

Experts also found APK files of infected apps (these can be installed directly on Android smartphones bypassing official stores) on third-party websites that are likely related to the detected malicious campaign. They are positioned as investment crypto projects. The websites on which these applications were posted were advertised on social networks, including YouTube. 

"After the apps were installed, they functioned as promised in their description. But at the same time, photos from the smartphone gallery were sent to the attackers. The attackers may later try to find various confidential data in the images, for instance, crypto wallet recovery phrases to access the victims' assets. There are indirect signs that the attackers are interested in people's digital assets: many of the infected apps were related to crypto, and the trojanized TikTok app also had a built-in store that accepted payment for goods only in crypto," comments Dmitry Kalinin, a malware expert at Kaspersky. 

A detailed report about this attack is available on Securelist.com. 

To avoid becoming a victim of this malware, Kaspersky recommends the following safety measures:
  • If you have installed one of the infected applications, remove it from your device and do not use it until an update has been released to eliminate the malicious functionality.
  • Avoid storing screenshots containing sensitive information in your gallery, including cryptocurrency wallet recovery phrases. Passwords, for example, could be stored in specialized applications such as Kaspersky Password Manager.
  • Reliable cybersecurity software, like Kaspersky Premium, can prevent malware infections. Due to the architectural features of the Apple operating system, the Kaspersky solution for iOS shows the user a warning if it detects an attempt to transfer data to the attacker's command server, and blocks the attacker from transferring data.
  • If an app asks for permission to access the phone's photo library, consider if this app really needs it. 
[END OF PRESS RELEASE]

04 July 2025

Newsletter: Tenable Uncovers “GerriScary” Supply‑Chain Compromise Vulnerability in Popular Google’s Open‑Source Projects

[THIS IS A PRESS RELEASE]

Tenable, the exposure management company, has identified a vulnerability in Google’s open-source code review system, Gerrit, dubbed GerriScary. The vulnerability allowed unauthorised code submission to at least 18 major Google projects, including ChromiumOS (CVE-2025-1568), Chromium, Dart, and Bazel. GerriScary could have allowed attackers to submit unauthorised code revisions to existing change requests, bypassing manual approvals and enabling malicious code injection into major projects.

01 July 2025

Newsletter: Kaspersky study: Only a quarter of organizations in APAC perform regular cybersecurity assessments

[THIS IS A PRESS RELEASE]

This leaves them exposed to unplanned downtime, production losses and the reputational and financial damages that can result from possible cyber breaches. This alarming trend was highlighted in a recent joint survey conducted by VDC Research and Kaspersky.

14 June 2025

Newsletter: Over 250,000 cyberattacks disguised as anime: Kaspersky explores the dangers behind Gen Z’s favorite shows and platforms

[THIS IS A PRESS RELEASE]

From Naruto to Attack on Titan, cybercriminals are increasingly using anime and other Gen Z favorites as bait. In a new report covering Q2 2024 – Q1 2025, Kaspersky has found over 250,000 cyberattacks disguised as popular anime, among other shows and streaming platforms favored by younger audiences. To help Gen Z recognize these and other cyber risks, Kaspersky is launching “Case 404” — an interactive cybersecurity game that teaches them how to protect their digital lives.

02 June 2025

Kaspersky warns of emerging AI threats in APAC, urges proactive defense with SOC

[THIS IS A PRESS RELEASE]


Global cybersecurity and digital company Kaspersky raised urgent concerns about the rising misuse of artificial intelligence (AI) in cyberattacks across Asia Pacific (APAC), revealing new threat data and defensive strategies at its Cyber Insights 2025 forum held in Seoul.

01 June 2025

Newsletter: Acronis TRU Reveals SideWinder’s Geofenced Malware Targeting Regional Defense and Financial Bodies

[THIS IS A PRESS RELEASE]

The Acronis Threat Research Unit (TRU) has uncovered a sophisticated cyber-espionage campaign orchestrated by the SideWinder Advanced Persistent Threat (APT) group, targeting key government and military institutions across South Asia. The latest campaign, which came to light in early 2025, focuses on high-value organizations in Sri Lanka, Bangladesh, and Pakistan, including Sri Lanka’s elite 55 Division of the Army and the Central Bank of Sri Lanka (CBSL).

28 May 2025

Newsletter: Tenable Powers AI-Driven Exposure Management with Third-Party Data Connectors and Unified Dashboards

[THIS IS A PRESS RELEASE]

Tenable®, the exposure management company, today announced powerful new enhancements to its flagship platform, Tenable One, with the introduction of Tenable One Connectors and customizable risk dashboards. These advancements — powered by Tenable ExposureAI™ and built on the Tenable Data Fabric — make Tenable One the most advanced exposure management solution available today. With third-party data connectors, organisations unlock a contextualised view of all their security risk data in one place, regardless of the security products they use.

23 May 2025

Newsletter: Kaspersky reaffirms 100% anti-tampering protection in latest AV-Comparatives test

[THIS IS A PRESS RELEASE]

Kaspersky Next EDR Foundations – represented by Kaspersky Endpoint Security – once again demonstrated 100% tamper protection in the latest focus penetration test by AV-Comparatives.

Attackers often attempt to disable security tools as an initial step in compromising business infrastructure. This makes tamper protection a key mechanism for preventing further compromise of the system. It safeguards the product from end-user and third-party changes, and protects services, processes, files, registry entries, and more from any unauthorized control attempts – even in the context of a privileged user (high or system integrity level). The Kaspersky solution met the strict certification requirements by successfully preventing all tampering attempts during testing.

19 May 2025

Newsletter: PNP-ACG, GCash alert public on emerging shoulder surfing, video- and screen-sharing scams

[THIS IS A PRESS RELEASE]


The Philippine National Police Anti-Cybercrime Group (PNP-ACG) and leading finance super app GCash are urging the public to stay vigilant against emerging scams that threaten the safety of digital transactions. These scams—dubbed “Video Sharing,” “Screen Sharing,” and “Shoulder Surfing”—have recently surfaced as among the latest methods used by cybercriminals to gain access to financial accounts.

10 May 2025

Newsletter: On World Password Day Kaspersky warns against AI password generation

[THIS IS A PRESS RELEASE]

How many passwords do you have? It could be more than you think. Most online services and apps require the user to create a password. Chances are many of those passwords are not being used daily and due to this overabundance, there’s a high probability that many of the passwords are being reused.

08 May 2025

Newsletter: Cyber Immunity recognized by 71% of experts in APAC as a promising strategy against cybercriminals

[THIS IS A PRESS RELEASE]


At GITEX Asia 2025, Kaspersky revealed findings from its latest research, stating that 71% of cybersecurity professionals from Asia Pacific (APAC) regard Cyber Immunity as an effective strategy for minimizing the capabilities of cybercriminals to penetrate networks and compromise systems. These insights indicate a growing demand for developing secure-by-design systems instead of relying solely on additional cybersecurity solutions.

27 April 2025

Newsletter: Acronis Drives Cybersecurity Leadership with Over 7.5 Million Attacks Prevented, Continuous Growth, Innovation, and Industry Recognition

[THIS IS A PRESS RELEASE]

Acronis, a global leader in cybersecurity and data protection, solidifies its position as a cybersecurity leader through significant milestones, a broadened global user base, and new product releases and enhancements. Over the past year, Acronis has prevented more than 7.5 million attacks, demonstrating the proactive defense capabilities of its technologies.

25 April 2025

Newsletter: Tenable Warns that Open-Source AI Tools Widen Cybersecurity Gaps as Adoption Outpaces Cloud Security Readiness

[THIS IS A PRESS RELEASE]

As businesses rush to harness artificial intelligence (AI) for competitive advantage, Tenable®, the exposure management company, warns that organisations may be overlooking the mounting risks embedded in the open-source tools and cloud services powering their AI development. New research from Tenable’s Cloud AI Risk Report 2025 finds that the pace of AI adoption is far outstripping security preparedness, with vulnerabilities, cloud misconfigurations and exposed data quietly accumulating across cloud environments.

12 April 2025

Newsletter: Cyber security and resilience key factors to user online protection, economic growth

[THIS IS A PRESS RELEASE]

The 2025 Cyber Resilience Summit: Delivering Competitive Advantage Through Security held March 5-6 at the Crowne Plaza Manila is the first of its kind in the Philippines. The event featured top level experts from the Philippines and the SEA region representing government, finance and technology, banking and healthcare, BPM, advocacies and education, and the Armed Forces.

05 April 2025

Newsletter: Kaspersky expands Partner Locator with access to global learning centers

[THIS IS A PRESS RELEASE]

Kaspersky has expanded its interactive Partner Locator service by adding a dedicated section for Authorized Training Centers. The expanded capability provides resellers, Kaspersky partners, and cybersecurity professionals worldwide with easy access to technical training centers for in-depth education on Kaspersky solutions.

29 March 2025

Newsletter: From Backup to Business Resilience: AI’s Data Challenge in 2025

[THIS IS A PRESS RELEASE]

By Matthew Hardman, Chief Technology Officer, APAC, Hitachi Vantara


Asia is leading the world in AI adoption, but many businesses are beginning to realise that its effectiveness depends on how well data is structured, secured, and made accessible.

25 March 2025

Newsletter: Tenable Research finds that DeepSeek R1 can be tricked into developing malware

[THIS IS A PRESS RELEASE]

When new technologies such as generative artificial intelligence (GenAI) emerge, cybercriminals inevitably look for ways to exploit their capabilities for malicious purposes. While most mainstream GenAI models have built-in safeguards to prevent misuse, Tenable Research has found that DeepSeek R1 can be tricked into generating malware, raising concerns about the security risks posed by AI-powered cybercrime.