Krebs on Security

DECEMBER 3, 2024

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as.shop ,top ,xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds.

Cybercrime 292

Cybercrime Phishing Accountability Internet 292

Krebs on Security

FEBRUARY 14, 2024

The Minnesota-based Internet provider U.S. Internet Corp. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser. Internet with their email.

Internet 363

Internet Internet Wireless Government 363

Krebs on Security

JULY 9, 2024

The first Microsoft zero-day this month is CVE-2024-38080 , a bug in the Windows Hyper-V component that affects Windows 11 and Windows Server 2022 systems. CVE-2024-38080 allows an attacker to increase their account privileges on a Windows machine. “This requires close access to a target,” Kikta said.

Internet 296

Internet Internet Engineering Software 296

Krebs on Security

AUGUST 13, 2024

CVE-2024-38106 , CVE-2024-38107 and CVE-2024-38193 all allow an attacker to gain SYSTEM level privileges on a vulnerable machine, although the vulnerabilities reside in different parts of the Windows operating system. The final zero-day this month is CVE-2024-38189 , a remote code execution flaw in Microsoft Project.

Internet 314

Internet Internet Malware Software 314

Security Affairs

NOVEMBER 14, 2024

The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, that threat actors started attempting to exploit.

DNS 115

DNS Internet Internet Hacking 115

Krebs on Security

OCTOBER 8, 2024

One of the zero-day flaws — CVE-2024-43573 — stems from a security weakness in MSHTML , the proprietary engine of Microsoft’s Internet Explorer web browser. If that sounds familiar it’s because this is the fourth MSHTML vulnerability found to be exploited in the wild so far in 2024.

Engineering 266

Engineering Internet Internet System Administration 266

Krebs on Security

MAY 14, 2024

CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. ” CVE-2024-30040 is a security feature bypass in MSHTML , a component that is deeply tied to the default Web browser on Windows systems. . First, the zero-days.

Social Engineering 284

Social Engineering Backups Malware Software 284

Security Affairs

MARCH 10, 2025

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) Over 1,000 attacks detected globally. is a PHP-CGI OS Command Injection Vulnerability.

DDOS 104

DDOS Security Intelligence Malware Hacking 104

Krebs on Security

JUNE 11, 2024

CVE-2024-30080 is a flaw in the Microsoft Message Queuing (MSMQ) service that can allow attackers to execute code of their choosing. CVE-2024-30080 has been assigned a CVSS vulnerability score of 9.8 (10 CVE-2024-30078 is a remote code execution weakness in the Windows WiFi Driver , which also has a CVSS score of 9.8.

Internet 283

Internet Internet Software Malware 283

Schneier on Security

JULY 17, 2024

In the first quarter of 2024 alone, Cloudflare blocked 4.5 From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. million unique DDoS attacks.

Internet 334

Internet Internet DDOS Cybercrime 334

Krebs on Security

FEBRUARY 13, 2024

Top of the heap on this Fat Patch Tuesday is CVE-2024-21412 , a “security feature bypass” in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits. Microsoft Corp. msi) that in turn unloads a remote access trojan (RAT) onto infected Windows systems.

Engineering 293

Engineering Internet Internet Software 293

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Quarterly figures In Q3 2024: Kaspersky solutions successfully blocked more than 652 million cyberattacks originating from various online resources. 2 China 0.95 3 Libya 0.68 4 South Korea 0.66

Mobile 106

Mobile Adware Ransomware Malware 106

Krebs on Security

FEBRUARY 28, 2025

BEARHOST prides itself on the ability to evade blocking by Spamhaus , an organization that many Internet service providers around the world rely on to help identify and block sources of malware and spam. effective July 20, 2024. Kaspersky did not respond to repeated requests for comment. Last year, the U.S. Image: cidr-report.org.

Malware 250

Malware Antivirus Software DDOS 250

Krebs on Security

FEBRUARY 11, 2025

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

Artificial Intelligence 203

Artificial Intelligence Engineering Software Internet 203

SecureList

NOVEMBER 28, 2024

This is our latest roundup, covering activity we observed during Q3 2024. Earlier in 2024, a secure USB drive was found to be compromised and malicious code was injected into the access management software installed on the USB drive. After that, we did not observe any new activity related to this actor until mid-July 2024.

Malware 118

Malware Government Software Spyware 118

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services. ” reads the update published by the City.

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. 26, Versa urged customers to deploy a patch for the vulnerability ( CVE-2024-39717 ), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024.

Internet 340

Internet Internet Technology Engineering 340

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 74

Phishing Banking Scams Mobile 74

Penetration Testing

DECEMBER 1, 2024

North Korean-linked hacking group TA-RedAnt has been implicated in a sophisticated large-scale cyber attack dubbed “Operation Code on Toast,” targeting unsuspecting users through a novel Internet Explorer (IE) vulnerability.

Cyber Attacks 80

Cyber Attacks Internet Internet Hacking 80

Security Affairs

MARCH 9, 2024

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the wild.

Internet 145

Internet Internet VPN Engineering 145

Malwarebytes

DECEMBER 31, 2024

It may sound weird when I say that I would like to remember 2024 as the year of the biggest breaches. Huge increase in numbers As we reported in July , the number of data breach victims went up 1,170% in Q2 2024, compared to Q2 2023 (from 81,958,874 victims to 1,041,312,601). Remember these headlines?

Data breaches 106

Data breaches Healthcare Passwords Banking 106

Lohrman on Security

JUNE 9, 2024

Over the past month, the Verizon Data Breach Investigation Report and the Watchguard Technologies Internet Security Report were released. Here are some highlights.

Data breaches 270

Data breaches Internet Internet Technology 270

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085.

Internet 141

Internet Internet Ransomware Authentication 141

Trend Micro

JULY 14, 2024

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched.

Internet 144

Internet Internet 144

SecureList

DECEMBER 4, 2024

The statistics in this report cover the period from November 2023 through October 2024. Fill the form below to download the “Kaspersky Security Bulletin 2024. Millions of Kaspersky users around the globe assist us in collecting information about malicious activity. Stopped miners from infecting 999,794 unique users.

Mobile 89

Mobile Malware Banking Ransomware 89

Tech Republic Security

AUGUST 15, 2024

ExpressVPN’s overall polish, fast performance and wider server network give it a slight edge over PIA VPN’s feature-rich and affordable package.

VPN 186

VPN Internet Internet 186

Krebs on Security

MARCH 27, 2025

In August 2024, security researcher Artem Tamoian posted on Twitter/X about how he received startlingly different results when he searched for “Freedom of Russia legion” in Russia’s largest domestic search engine Yandex versus Google.com.

Phishing 205

Phishing Government Engineering Internet 205

The Last Watchdog

AUGUST 12, 2024

LAS VEGAS – Here’s what I discovered last week here at Black Hat USA 2024 : GenAI is very much in the mix as a potent X-factor in cybersecurity. After strolling the exhibits floor at Black Hat USA 2024 and speaking with the solution providers, I jotted down two categories of cybersecurity advancements: ‘coding level’ and ‘operational level.’

Software 290

Software Technology Mobile Cybersecurity 290

Security Affairs

MARCH 31, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2024-20440 (CVSS score: 9.8) The vulnerability is due to excessive verbosity in a debug log file. reads the advisory.

Software 110

Software Passwords Internet Internet 110

Krebs on Security

NOVEMBER 14, 2024

Nor did he respond to reporting here in January 2024 that he ran an IT company with a 34-year-old Russian man named Aleksandr Ermakov , who was sanctioned by authorities in Australia, the U.K. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.

Retail 264

Retail Advertising Cryptocurrency Marketing 264

The Last Watchdog

DECEMBER 13, 2023

We drilled down on a few significant developments expected to play out in 2024 and beyond. DigiCert recently released the DigiCert PQC Playground —a part of DigiCert Labs designed to let security code writers and tech enthusiasts experiment with the NIST-endorsed PQC algorithms which are slated to go into effect in 2024.

Encryption 311

Encryption Technology CISO IoT 311

Krebs on Security

NOVEMBER 5, 2024

On May 2, 2024, Judische claimed on the fraud-focused Telegram channel Star Chat that they had hacked Santander Bank , one of the first known Snowflake victims. In a statement on Moucka’s arrest, Mandiant said UNC5537 aka Alexander ‘Connor’ Moucka has proven to be one of the most consequential threat actors of 2024.

Cybercrime 282

Cybercrime Mobile Media Hacking 282

Security Affairs

DECEMBER 2, 2024

“We are calling on the Tor community and the Internet freedom community to help us scale up WebTunnel bridges. Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” Tunnel bridges have grown from 60 to 143 since early 2024, but they are not enough.

Government 128

Government Internet Internet Hacking 128

Penetration Testing

MAY 23, 2024

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655).

DNS 145

DNS DDOS Internet Internet 145

Krebs on Security

APRIL 8, 2025

The last CLFS zero-day was patched in December 2024. For more granular details on today’s Patch Tuesday, check out the SANS Internet Storm Center’s roundup. As ever, please consider backing up your data and or devices prior to updating, which makes it far less complicated to undo a software update gone awry.

Software 169

Software Media Internet Internet 169

Security Affairs

SEPTEMBER 16, 2024

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. MSHTML is a platform used by Internet Explorer.

Internet 137

Internet Internet Malware Passwords 137

The Last Watchdog

DECEMBER 12, 2023

What should I be most concerned about – and focus on – in 2024? In 2024, we will see more targeted, sophisticated business email compromise (BEC) attacks, including VIP impersonation, vendor email compromise (VEC), and autonomous agents used for malicious purposes. For 2024, it will take a village!

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258