U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass...
Posted by Dirk GöhmannIn 2024, our Vulnerability Reward Program confirmed the ongoing value of engaging with the security research community to make Google and its products safer. This was evident...
These threats and trends just may define your year
DoJ indicts i-Soon and APT27 actors, EncryptHub buys pay-per-install services to compromise victims, and ClickFix abuses MS SharePoint to deploy Havoc.
Black Basta was one of the fastest growing ransomware threats in the last couple of years. Now it's gone silent. What happened?
2025-03-04 • Hunt.io • Hunt.io • py.pyramid, win.stealc Open article on Malpedia
2025-03-05 • Microsoft • Microsoft Threat Intelligence Open article on Malpedia
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]
Eleven11bot infects webcams and video recorders, with a large concentration in the US.
Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the…
From DeepSeek adoption to impact on security and governance.
A Memphis man was arrested and charged with stealing DVDs and Blu-ray discs of unreleased movies and sharing ripped digital copies online before their release. [...]
AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection
Abuse of Active Directory Certificate Services (AD CS) has become a staple of our internal network assessment methodology. In fact, I can’t recall an internal I’ve done in the past two or more...
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat...
We identified multiple vulnerabilities in ICONICS Suite, SCADA software used in numerous OT applications. This article offers a technical analysis of our findings. The post Multiple...
2025-02-27 • SC Media • SC Staff Open article on Malpedia
2025-02-28 • Palo Alto Networks Unit 42 • Margaret Kelley Open article on Malpedia
The administrators of the Russian Garantex crypto-exchange have been charged in the United States with facilitating money laundering for criminal organizations and violating sanctions. [...]
2025-02-27 • AhnLab • ASEC Open article on Malpedia
The FBI is warning that scammers are impersonating the BianLian ransomware gang using fake ransom notes sent to U.S. corporate executives. The fake ransom notes, first reported by U.S....
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability...
The Federal Bureau of Investigation (FBI) has alerted businesses about a disturbing new data extortion scam targeting corporate executives. The scheme, which is being orchestrated by criminals...
Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m
Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal...
Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. [...]
The U.S. National Institute of Standards and Technology (NIST) released an initial public draft of a Cybersecurity White... The post NIST releases draft cybersecurity white paper on crypto...
Recent findings from Symantec indicate a significant rise in Medusa ransomware activity, which is reportedly being operated as... The post Symantec reports Medusa ransomware surges 42%, as...
The U.S. House Committee on Homeland Security held a full committee hearing on Wednesday to examine threats posed... The post US House Committee warns of homeland security threats from CCP...
Elastic has released a critical security update to address a vulnerability in Kibana, a widely used data visualization and analysis tool for Elasticsearch. This Kibana vulnerability, identified as...