Cybersecurity firm Kaspersky has introduced a significant enhancement to its Digital Footprint Intelligence (DFI) service: the External Attack Surface module.
This digital tool, integrated into Kaspersky’s Threat Intelligence portal, aims to enable organizations with advanced capabilities to monitor and secure their internet-exposed assets.
Alongside this development, Kaspersky’s recent reports reveal alarming trends, including a surge in smartphone attacks and the persistent dominance of Windows 10 among PC users, underscoring the need for cybersecurity measures in 2025.
The External Attack Surface module addresses a critical challenge for businesses navigating the complexities of modern digital infrastructure.
As companies increasingly rely on cloud services, external applications, and shadow IT, their attack surfaces—the points where attackers can exploit vulnerabilities—have grown considerably.
According to Kaspersky’s 2024 Incident Response report, public-facing applications were the primary entry point for 39% of cyber incidents last year, with over 90% of exploited vulnerabilities being over a year old, often due to outdated software or lax update policies.
The new module tackles this by continuously monitoring internet-connected assets, identifying weaknesses such as outdated software or open ports, and prioritizing risks based on their potential business impact.
This allows security teams to gain a clear understanding of their exposure and take proactive steps to mitigate threats, such as patching vulnerabilities or reconfiguring systems.
The module’s design is particularly timely as organizations face increasingly sophisticated cyberattacks.
By combining vulnerability detection with misconfiguration analysis and risk assessment, it provides actionable insights for security professionals.
For instance, it answers critical questions like, “Which of our internet-exposed assets are vulnerable?” and offers tailored recommendations to reduce risks.
This addition strengthens Kaspersky’s DFI service, which already monitors threats across the surface, deep, and dark web, reinforcing its role as a comprehensive tool for digital risk protection.
Meanwhile, Kaspersky’s latest data highlights a worrying rise in mobile threats.
In the first half of 2025, attacks on Android smartphones surged by 29% compared to the same period in 2024 and by 48% compared to the second half of 2024.
Notable threats included the SparkCat and SparkKitty malware, which bypass app store securities, and the Triada backdoor, found preinstalled on counterfeit smartphones.
Other malicious activities involved apps disguised as VPNs or adult content, capable of launching DDoS attacks or intercepting login codes.
Anton Kivva, Kaspersky’s Malware Analyst Team Lead, emphasized that while Google’s efforts to verify developers for sideloaded apps are a step forward, malware continues to infiltrate even official app stores like Google Play and Apple’s App Store.
Kaspersky advises users to download apps only from trusted sources, regularly update their operating systems, and use reliable security solutions like Kaspersky Premium to stay protected.
Adding to the cybersecurity landscape’s complexity, Kaspersky reports that over half of general users and nearly 60% of corporate users still rely on Windows 10, with only 33% having upgraded to Windows 11.
This is concerning as Windows 10’s widespread use makes it a prime target for cybercriminals, especially with the operating system approaching its end-of-support date in October 2025.
Outdated systems are more vulnerable to exploits, as evidenced by Kaspersky’s finding that vulnerability exploits on Windows and Linux increased in the first half of 2025 compared to 2024.
Regular updates and endpoint protection are critical to safeguarding these systems.
Kaspersky’s introduction of the External Attack Surface module, combined with its insights into mobile threats and operating system vulnerabilities, highlights the urgent need for proactive cybersecurity.
As digital transformation accelerates, businesses and individuals must prioritize monitoring, updating, and securing their digital assets to stay ahead of evolving threats.