There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically.
Image: FBI Active since at least January 2023, AnonSudan has been described in media reports as a “hacktivist” group motivated by ideological causes. companies, causing a multi-day outage for Microsoft’s cloud services in June 2023. 2023), and OpenAI (Nov. 7, 2023, a wave of rockets was launched into Israel.
The zero-day threats targeting Microsoft this month include CVE-2023-36025, a weakness that allows malicious content to bypass the Windows SmartScreen Security feature. Microsoft says it is relatively straightforward for attackers to exploit CVE-2023-36036 as a way to elevate their privileges on a compromised PC.
If you sometimes feel that the internet isn’t the same vibrant place it used to be, you’re not alone. Bad bots comprised 37% of internet traffic in 2024, up from 32% the year prior. Good bots accounted for just 14% of the internet’s traffic. Bad bots do all kinds of unpleasant things.
The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). In this eBook, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them.
Redmond flags CVE-2023-23376 as an “Important” elevation of privilege vulnerability in the Windows Common Log File System Driver, which is present in Windows 10 and 11 systems, as well as many server versions of Windows. Microsoft’s security advisories are somewhat sparse with details about the zero-day bugs. Apple on Feb.
The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. Among the critical bugs quashed this month is CVE-2023-35628, a weakness present in Windows 10 and later versions, as well as Microsoft Server 2008 and later. For example, CVE-2023-35636, which Microsoft says is an information disclosure vulnerability in Outlook.
On April 7, Apple issued emergency security updates to fix two weaknesses that are being actively exploited, including CVE-2023-28206, which can be exploited by apps to seize control over a device. CVE-2023-28205 can be used by a malicious or hacked website to install code. Both vulnerabilities are addressed in iOS/iPadOS 16.4.1,
A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. The top 5 new gTLDs, ranked by cybercrime domains reported.
The patch fixes CVE-2023-42724, which attackers have been using in targeted attacks to elevate their access on a local device. Apple said it also patched CVE-2023-5217, which is not listed as a zero-day bug. ” Microsoft also patched zero-day bugs in Skype for Business (CVE-2023-41763) and Wordpad (CVE-2023-36563).
First up in May’s zero-day flaws is CVE-2023-29336, which is an “elevation of privilege” weakness in Windows which has a low attack complexity, requires low privileges, and no user interaction. However, as the SANS Internet Storm Center points out, the attack vector for this bug is local.
Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. Of particular concern for organizations running Microsoft SharePoint Server is CVE-2023-21743. Microsoft says this flaw is “more likely to be exploited” at some point.
Internet-exposed GNSS receivers and attacks on them In 2023, at least two black hat groups conducted multiple attacks against GNSS receivers. In mid-2023, the group targeted devices belonging to multiple entities in the U.S. , Another group attacking satellite receivers in 2023 was GhostSec.
” Top of the list on that front is CVE-2023-29357, which is a “critical” bug in Microsoft SharePoint Server that can be exploited by an unauthenticated attacker on the same network. This SharePoint flaw earned a CVSS rating of 9.8 is the most dangerous).
According to Google, Google Cloud was slammed by more RPS in two minutes than Wikipedia saw traffic during September 2023. Google Cloud reported the same attack peaked at an astonishing 398 million RPS. So, how big is that number?
The Outlook vulnerability (CVE-2023-23397) affects all versions of Microsoft Outlook from 2013 to the newest. While CVE-2023-23397 is labeled as an “Elevation of Privilege” vulnerability, that label doesn’t accurately reflect its severity, said Kevin Breen, director of cyber threat research at Immersive Labs. .”
The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025. A graphic from the FBI explaining how Funnull generated a slew of new domains on a regular basis and mapped them to Internet addresses on U.S. cloud providers.
Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7, a notorious Russia-based hacking group. According to an August 2023 report (PDF) from the U.S.
It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware.
According to the market share website statista.com, booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.
They were assigned a single placeholder designation of CVE-2023-36884. Satnam Narang, senior staff research engineer at Tenable, said the August patch batch addresses CVE-2023-36884, which involves bypassing the Windows Search Security feature. out of a possible 10, even though Microsoft rates it as an important flaw, not critical.
They include CVE-2023-32049, which is a hole in Windows SmartScreen that lets malware bypass security warning prompts; and CVE-2023-35311 allows attackers to bypass security features in Microsoft Outlook. CVE-2023-36874 is an elevation of privilege bug in the Windows Error Reporting Service.
technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. According to several SIM-swapping channels on Telegram where Tylerb was known to frequent, rival SIM-swappers hired thugs to invade his home in February 2023. Image: Amitai Cohen twitter.com/amitaico.
Additional reporting revealed National Public Data had inadvertently published its own passwords on the Internet. In a lengthy September 2023 interview with databreaches.net, USDoD told the publication he was a man in his mid-30s who was born in South America and who holds dual citizenship in Brazil and Portugal.
“tylerb”) fled the United Kingdom in February 2023, after a rival cybercrime gang hired thugs to invade his home, assault his mother, and threaten to burn him with a blowtorch unless he gave up the keys to his cryptocurrency wallet. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.
In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. Image: Ke-la.com.
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.
A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. Eyal Benishti, CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?
The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. us , one of the domains seized in the FBI’s 2023 crackdown. On May 8, 2023, the U.S. ” A graph depicting the 6.5
The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called HiatusRAT that infected over 100 edge networking devices globally. ” reads the PIN report.
In October 2023, KrebsOnSecurity wrote about a massive uptick in SMS phishing scams targeting U.S. The FBI asks that before you bin the missives, consider filing a complaint with the agency’s Internet Crime Complaint Center (IC3), including the phone number where the text originated, and the website listed within the text.
The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen. Here are four evolving themes reverberating from RSAC 2023 that struck me: Password enabled access will endure for the foreseeable future. Related: Demystifying ‘DSPM’ This was my nineteenth RSAC.
Apple says the iOS flaw (CVE-2023-41064) does not seem to work against devices that have its ultra-paranoid “Lockdown Mode” enabled. Tracked as CVE-2023-36761, it is flagged as an “information disclosure” vulnerability. ” The other Windows zero-day fixed this month is CVE-2023-36802.
The research combined hardware interfaces and software to communicate with the vehicle via Diagnostic Over Internet Protocol (DoIP). The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions.
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. In a security advisory published Aug. victims and one non-U.S.
“Stronger together” was the theme of RSA Conference 2023, which returned to its pre-Covid grandeur under the California sunshine last week at San Francisco’s Moscone Center. Here are three evolving themes reverberating from RSAC 2023 that struck me: Getting a grip on identities Password enabled access will endure for the foreseeable future.
“It’s possible this is a shakedown by Kaliningrad authorities of a local internet thug who has tens of millions of dollars in cryptocurrency,” Intel 471 wrote in an analysis published Dec. “The country’s ingrained, institutional corruption dictates that if dues aren’t paid, trouble will come knocking.
The threat intelligence firm uncovered a stealth campaign on March 18, 2025, where attackers gained persistent access to thousands of internet-exposed ASUS routers. GreyNoise also found a payload exploiting the authenticated command injection flaw CVE-2023-39780 in ASUS RT-AX55 v3.0.0.4.386.51598 to execute arbitrary system commands.
The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals. In 2023, Loretto Hospital experienced another data security incident. The footage was removed after the incident was discovered.
internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” China has long targeted global internet service providers and recent attacks are aligned with past operations linked to Beijing. Hackers linked to the Chinese government have broken into a handful of U.S.
The bot conducts ad fraud by accessing websites in the background and operates as a residential proxy, sharing the user's internet connection for criminal activities, which can link the user's IP address to illegal activities. BadBox can also download additional payloads, amplifying the risks for the users.
Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. The researcher also noticed that the vulnerability CVE-2023-34990 can be chained with CVE-2023-48782 (CVSS score of 8.8) through 8.6.5
Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a “security feature bypass” in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits. Microsoft Corp. It’s also smart to back up your data and/or image your Windows drive before applying new updates.