Treasury officials attributed the December cyberattack to China. © 2024 TechCrunch. All rights reserved. For personal use only.

The data was found exposed on an Amazon cloud server, and contained precise location data on thousands of vehicles. © 2024 TechCrunch. All rights reserved. For personal use only.

The vulnerability, found in versions of Four-Faith routers, appears to have been exploited in the wild and has been connected to attempted infections of Mirai. The post Thousands of industrial...

Immunefi has contests, similar to C4 and Sherlock. Uniquely, they publish all of their findings for people to see. I just found this and wanted to have a public record of it for my own sanity later.

Microsoft advises users not to install recent security updates using physical media. The company is working on a fix.

Installing the Windows 11 2024 version via a CD or flash drive may cause it to reject any future updates. Microsoft is working on a fix

The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard...

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw...

Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. [...]

News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25...

Palo Alto, Calif., USA, 30th December 2024, CyberNewsWire

A rewind of the year across the threat landscape and at Pulsedive.

Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. [...]

VyprVPN is an affordable VPN provider, but is it trustworthy enough to keep your data secure? Read our VyprVPN review to find out.

As cyber adversaries grow more sophisticated in targeting critical industrial infrastructure, the need for robust cybersecurity measures has never been... The post Top 5 Cybersecurity Threats to...

SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…

Vulnerability CVE-2024-12993 allowing revealing the user’s location has been found in Infinix Mobile com.rlk.weathers application.

From Elon Musk and Donald Trump to state-sponsored hackers and crypto scammers, this was the year the online agents of chaos gained ground.

U.S. telecom giant Verizon says it has secured its network after being targeted by the China-linked Salt Typhoon cyberespionage group. In a statement given to TechCrunch on Sunday, Verizon...

Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains to install .NET components, as the domain will soon be...

For the latest discoveries in cyber research for the week of 30th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Clop ransomware gang exploited a zero-day...

Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms

In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt...

This is a weekly threat intelligence report review from RST Cloud. This week, we analyzed 32 threat intelligence reports and compiled a concise summary of each, along with pertinent metadata that...

SUMMARY: VulnCheck has discovered a critical new vulnerability (CVE-2024-12856) affecting Four-Faith industrial routers (F3x24 and F3x36), with evidence…

AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. [...]

Researchers found a data exposure issue within Volkswagen’s environment by leveraging tools such as Subfinder, GoBuster, and Spring. Using these tools, they found a Java Spring application...

The "EC2 Grouper" threat actor is a prolific group frequently detected in cloud environments. They are known for using consistent user agents and a specific security group naming convention (e.g.,...

KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing...

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The...