Wed. Dec 04, 2024

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.

Black Basta ransomware gang hit BT Group

Security Affairs

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. “We identified an attempt to compromise our BT Conferencing platform.

Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?

Tech Republic Security

Datadog's report highlights long-lived credentials as a cloud security Achilles' heel. Discover risks and ways to secure your environment.

Risk 163

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

The Last Watchdog

Cheltenham, England, Dec. 4, 2024 – A majority of senior cybersecurity professionals at the UK’s largest organisations struggle with feelings of helplessness and professional despair, new research by Green Raven Limited indicates. These negative emotions result from practitioners’ anticipation of eventual, inevitable failure to protect their organisation.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

CISA, FBI Issue Guidance for Securing Communications Infrastructure

Tech Republic Security

The caution comes after Chinese-state-affiliated breaches of American telecommunication networks. Organizations with Cisco infrastructure should take particular note.

A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections

WIRED Threat Level

The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it's already turning up victims.

Spyware 145

More Trending

Veeam addressed critical Service Provider Console (VSPC) bug

Security Affairs

Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code. Veeam released security updates for a critical vulnerability, tracked as CVE-2024-42448 (CVSS score of 9.9) impacting Service Provider Console. Successful exploitation of the flaw can potentially lead to remote code execution on vulnerable installs.

Backups 120

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

The Hacker News

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes.

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Trend Micro

Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.

National Public Data Shuts Down Months After Massive Breach

Security Boulevard

National Public Data, the data broker whose systems were breached and 2.9 billion files holding sensitive data from 170 million this year, has shut down following the attack and after a judge dismissed parent company Jerico Pictures' bankruptcy filing. The post National Public Data Shuts Down Months After Massive Breach appeared first on Security Boulevard.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Crypto’s rising value likely to bring new wave of scams

Malwarebytes

With the value of cryptocurrencies going to the roof, you can expect several attempts to get defrauded if you even show the slightest interest in the topic or not. Since most cybercriminals lack creativity and are notoriously lazy, we expect to see only slight variations of old tricks. So, we figured if we showed you some old examples, you would know what to expect and hopefully that will assist you in avoiding them.

Scams 132

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

The Hacker News

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022.

Hacking 132

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

Germany’s largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested. German authorities announced the takedown of Crimenetwork, the largest German-speaking underground marketplace. Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data.

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

The Hacker News

The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis.

Phishing 128

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpin

WIRED Threat Level

Western authorities say they’ve identified a network that found a new way to clean drug gangs’ dirty cash. WIRED gained exclusive access to the investigation.

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

The Hacker News

Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose they may as well not exist.

Passwords 127

China is Still Inside US Networks — It’s Been SIX Months

Security Boulevard

Hell froze over: FBI and NSA recommend you use strong encryption. The post China is Still Inside US Networks — It’s Been SIX Months appeared first on Security Boulevard.

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-51378 (CVSS score: 10.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Phone has bad battery life? I changed these 12 settings on my Android for better endurance

Zero Day

There are several ways to improve your Android's battery life, and I've sifted through them all to spotlight the most effective options - plus an obvious bonus.

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

The Hacker News

The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America.

Black Friday Triggers Near 700% Rise in Retail Cyber Scams

SecureWorld News

Darktrace today revealed a surge in retail cyberattacks at the opening of the 2024 holiday shopping season. Analysis from Darktrace's threat intelligence team using data from across the Darktrace customer fleet shows that during Black Friday week (November 25-29), attempted Christmas-themed phishing attacks leapt 327% [1] around the world, while Black Friday themed phishing attacks jumped 692% compared to the beginning of November (4-9) [2], as bad actors seek to take advantage of consumers and

Retail 97

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

The Hacker News

Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface.

Risk 119

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Xreal AR glasses just got a major computing upgrade that puts them at the top for me

Zero Day

The company continues to push the limits of the smart glasses form factor, and its latest innovations are available now in the Xreal One Series.

Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking

WIRED Threat Level

In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign.

Hacking 114

I tested the new Kindle Scribe for two weeks, and it beat my ReMarkable in several ways

Zero Day

Amazon's new Kindle Scribe lets you mark up and jot down notes on all your favorite e-books, while offering AI to a host of note-taking features.

A New Approach to Network Troubleshooting in the Multicloud World

Cisco Security

The Cisco and AWS integration is a radically new approach to ensuring the availability of modern apps in today's multicloud, hybrid environments.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Veeam Backup & Replication Vulnerabilities Exposed: High-Severity Flaws Put Data at Risk

Penetration Testing

Veeam Software, a prominent provider of backup, recovery, and data management solutions, has released a security update to address multiple vulnerabilities in its Veeam Backup & Replication software. These vulnerabilities... The post Veeam Backup & Replication Vulnerabilities Exposed: High-Severity Flaws Put Data at Risk appeared first on Cybersecurity News.

Backups 113

Why Technology Interoperability is the Key to a Safer Internet of Things (IoT)

Security Boulevard

With IoT connectivity expanding, organizations across the industry must grapple with the complexities of securing this vast network of internet-connected “things.” The post Why Technology Interoperability is the Key to a Safer Internet of Things (IoT) appeared first on Security Boulevard.

IoT 119

4 ways the tech we buy is designed to fail, and why you should be furious

Zero Day

From glued-in batteries to software lockouts, you're paying more than ever for gadgets that won't last. Here's why and what can be done about it.

Software 111

Chinese-Made LiDAR Systems a National Security Risk, Think Tank Says

Security Boulevard

China's growing presence in the global market for LiDAR, a remote sensing technology widely used in defense and commercial systems, presents a national security risk for the United States, which already is dealing with intrusions into critical infrastructure networks by China-backed threat groups, according to a report. The post Chinese-Made LiDAR Systems a National Security Risk, Think Tank Says appeared first on Security Boulevard.

Risk 113

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.