Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety...
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman...
The IRS relaunched its Identity Protection Personal Identification Number (IP PIN) program this week and all US taxpayers are encouraged to enroll for added security against identity theft and...
Infoblox cybersecurity researchers investigating the mysterious activities of 'Muddling Meerkat' unexpectedly uncovered widespread use of domain spoofing in malicious spam campaigns.
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]
The vulnerability CVE-2024-50603 was disclosed on 2025-01-07, with a detailed blog and proof-of-concept exploit released by researchers soon after. Evidence of exploitation in cloud environments...
Microsoft has taken legal action against a group the company claims intentionally developed and used tools to bypass the safety guardrails of its cloud AI products. According to a complaint filed...
The DOJ said the men behind Blender.io and Sinbad.io “made it easier for state-sponsored hacking groups” to profit off their crimes. The post Russian nationals charged with operating crypto mixers...
The cyber agency said that surge has fueled “a moderate impact” in CI sectors meeting its cybersecurity performance goals. The post CISA report touts cyber hygiene enrollment surge for critical...
A data breach in November exposed the IDs and passports of people who bought products from STIIIZY, a large marijuana dispensary in California.
Ivanti has issued a critical security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products.
On January 15, 2025, there will be a highly informative webinar where you’ll gain an in-depth understanding of the risks posed by today’s advanced ransomware. Learn more about other topics that...
The funds are linked to a widespread scheme in which fraudsters promised to pay victims if they opened a cryptocurrency account, deposited funds and reviewed products on fictitious websites...
U.S. intelligence say the Volt, Flax, Salt and Silk Typhoon are among the groups laying the groundwork for future conflict with the United States. © 2024 TechCrunch. All rights reserved. For...
The U.S. announced indictments of three Russian nationals who allegedly ran the cryptocurrency mixers Blender.io and Sinbad.io in support of cybercriminal operations. Two have reportedly been arrested.
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security...
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims...
Slovakia's agriculture minister said there were “strong indications” the cyberattack originated from Ukraine — adding fuel to a dispute over Kyiv’s suspension of Russian gas transit through...
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services. © 2024 TechCrunch. All rights reserved. For personal use only.
IT hiring intentions remain strong, though competition for jobs could be fierce.
Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and...
Comparitech reported that in 2024, ransomware groups claimed responsibility for 5,461 successful ransomware attacks on organizations worldwide. 1,204... The post Comparitech reveals drop in...
CrowdStrike warned it had observed a phishing campaign impersonating the firm’s recruitment process to lure victims into downloading cryptominer
Data WIRED collected during the 2024 Democratic National Convention strongly suggests the use of a cell-site simulator, a controversial spy device that intercepts sensitive data from every phone...
Despite claims to have attacked dozens of victims in the last month, the group likely consists of inexperienced hackers seeking recognition, researchers said.
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity...
Want to bypass geo-restrictions and secure your entire network? Pair the WireGuard protocol with your favorite VPN. I use privacy-oriented Proton to show you how.
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December...
This article, published as part of the Bellingcat Technical Writing Fellowship, is adapted from a more technically-detailed guide on Agnes Cameron’s blog. Satellite imagery has been used...
The hackers targeting the Treasury are dubbed Silk Typhoon, and previously mass-hacked thousands of corporate email servers. © 2024 TechCrunch. All rights reserved. For personal use only.