As cyber adversaries grow more sophisticated in targeting critical industrial infrastructure, the need for robust cybersecurity measures has never been... The post Top 5 Cybersecurity Threats to...
SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…
Vulnerability CVE-2024-12993 allowing revealing the user’s location has been found in Infinix Mobile com.rlk.weathers application.
From Elon Musk and Donald Trump to state-sponsored hackers and crypto scammers, this was the year the online agents of chaos gained ground.
U.S. telecom giant Verizon says it has secured its network after being targeted by the China-linked Salt Typhoon cyberespionage group. In a statement given to TechCrunch on Sunday, Verizon...
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains to install .NET components, as the domain will soon be...
For the latest discoveries in cyber research for the week of 30th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Clop ransomware gang exploited a zero-day...
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms
In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt...
This is a weekly threat intelligence report review from RST Cloud. This week, we analyzed 32 threat intelligence reports and compiled a concise summary of each, along with pertinent metadata that...
SUMMARY: VulnCheck has discovered a critical new vulnerability (CVE-2024-12856) affecting Four-Faith industrial routers (F3x24 and F3x36), with evidence…
AT&T and Verizon confirmed they were breached in a massive Chinese espionage campaign targeting telecom carriers worldwide but said the hackers have now been evicted from their networks. [...]
Researchers found a data exposure issue within Volkswagen’s environment by leveraging tools such as Subfinder, GoBuster, and Spring. Using these tools, they found a Java Spring application...
The "EC2 Grouper" threat actor is a prolific group frequently detected in cloud environments. They are known for using consistent user agents and a specific security group naming convention (e.g.,...
KrebsOnSecurity.com turns 15 years old today! Maybe it's indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024's most engrossing...
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The...
IN THIS ARTICLE, YOU WILL LEARN: NFT-focused news website NFTEvening and the NFT market’s data and analytics-based platform…
Patterns, Tools, and Techniques
Two botnets tracked as 'Ficora' and 'Capsaicin' have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. [...]
Secure Gaming during holidays is essential as cyberattacks rise by 50%. Protect accounts with 2FA, avoid fake promotions,…
Mirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks.
Before you sell or trash your old Android phone, you should properly delete all sensitive information. Here's the best (and simplest) way to do it.
ZAGG Inc. is informing customers that their credit card data has been exposed to unauthorized individuals after hackers compromised a third-party application provided by the company's e-commerce...
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856...
Volkswagen's automotive software company, Cariad, exposed data collected from around 800,000 electric cars. The info could be linked to drivers' names and reveal precise vehicle locations. [...]
Seth Larson is a security report triager for CPython, pip and many other open source projects mainly in the Python ecosystem. Recently, they got a large uptick in the amount of bad reports. These...
On 2024-12-28, an incident was reported, involving an unknown actor, gaining initial access via Unknown, to achieve Data exfiltration.
North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment)...
The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers." © 2024 TechCrunch. All rights reserved. For personal use only.
In an update Friday, the White House says nine telecom companies were impacted by the Chinese espionage effort. The post White House: Salt Typhoon hacks possible because telecoms lacked basic...