The "EC2 Grouper" threat actor is a prolific group frequently detected in cloud environments. They are known for using consistent user agents and a specific security group naming convention (e.g.,...

KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing...

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The...

IN THIS ARTICLE, YOU WILL LEARN: NFT-focused news website NFTEvening and the NFT market’s data and analytics-based platform…

Patterns, Tools, and Techniques

Two botnets tracked as 'Ficora' and 'Capsaicin' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]

Secure Gaming during holidays is essential as cyberattacks rise by 50%. Protect accounts with 2FA, avoid fake promotions,…

Mirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks.

Before you sell or trash your old Android phone, you should properly delete all sensitive information. Here's the best (and simplest) way to do it.

ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce...

A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856...

Volkswagen's automotive software company, Cariad, exposed data collected from around 800,000 electric cars. The info could be linked to drivers' names and reveal precise vehicle locations. [...]

Seth Larson is a security report triager for CPython, pip and many other open source projects mainly in the Python ecosystem. Recently, they got a large uptick in the amount of bad reports. These...

On 2024-12-28, an incident was reported, involving an unknown actor, gaining initial access via Unknown, to achieve Data exfiltration.

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment)...

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers." © 2024 TechCrunch. All rights reserved. For personal use only.

In an update Friday, the White House says nine telecom companies were impacted by the Chinese espionage effort. The post White House: Salt Typhoon hacks possible because telecoms lacked basic...

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024....

A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. [...]

From LoanDepot to Evolve Bank and Blue Yonder, these ransomware attacks affect tens of millions of people. © 2024 TechCrunch. All rights reserved. For personal use only.

The Panasonic-owned company said it has no reason to believe recent claims from a cybercrime gang are connected to last month’s ransomware attack, which caused disruptions at Starbucks, BIC and...

Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices. The flaw, tracked as...

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka...

The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution...

Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. [...]

Smartphones and face recognition are being combined to create new digital travel documents. The paper passport’s days are numbered—despite new privacy risks.

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. [...]

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. [...]

The ICS CERT quarterly report covers threat landscape for industrial automation systems in Q3 2024.