Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide. ” concludes the report.

Passwords 133

Passwords Accountability Authentication Malware 133

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data. . ” continues the report.

Phishing 129

Phishing Authentication Telecommunications Accountability 129

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

SecureList

MARCH 3, 2025

The statistics for previous years may differ from earlier publications due to a data and methodology revision implemented in 2024. The year in figures According to Kaspersky Security Network, in 2024: A total of 33.3 Adware, the most common mobile threat, accounted for 35% of total detections. A total of 1.1 A total of 1.1

Mobile 117

Mobile Malware Adware Banking 117

Penetration Testing

MAY 25, 2025

A recently disclosed vulnerability in WSO2 products, identified as CVE-2024-6914, poses a severe security threat to organizations using The post Critical WSO2 Flaw: Unauthenticated Account Takeover Risk (CVSS 9.8) appeared first on Daily CyberSecurity.

Accountability 83

Accountability Risk Cybersecurity 83

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Quarterly figures In Q3 2024: Kaspersky solutions successfully blocked more than 652 million cyberattacks originating from various online resources. 2 China 0.95 3 Libya 0.68 4 South Korea 0.66

Mobile 107

Mobile Adware Ransomware Malware 107

Krebs on Security

NOVEMBER 1, 2024

.” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. Snowflake responded by making 2FA mandatory for all new customers.

Phishing 278

Phishing Accountability Artificial Intelligence Cybercrime 278

SecureList

NOVEMBER 28, 2024

This is our latest roundup, covering activity we observed during Q3 2024. Earlier in 2024, a secure USB drive was found to be compromised and malicious code was injected into the access management software installed on the USB drive. After that, we did not observe any new activity related to this actor until mid-July 2024.

Malware 120

Malware Government Software Spyware 120

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. In September 2024, KrebsOnSecurity reported that a 17-year-old from the United Kingdom was arrested last year by U.K.

Identity Theft 271

Identity Theft Phishing Cryptocurrency Accountability 271

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 129

Ransomware Identity Theft Data breaches Cyber threats 129

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. Human-driven targeted attacks accounted for 43% of high-severity incidents 74% more than in 2023 and 43% more than in 2022. in IT, 18.3%

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Adam Shostack

JANUARY 2, 2025

In late 2024, people are being offered a choice of features versus security. We didnt take into account tradeoffs when user interfaces change or functionality goes away. This week, Synology released a security patch (for Synology Photos, a default part of some of their products) without telling anyone.

Media 130

Media Accountability 130

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Quarterly figures According to Kaspersky Security Network, in Q3 2024: As many as 6.7 Adware was the most common mobile threat, accounting for 36% of all detected threats.

Mobile 103

Mobile Adware Banking Malware 103

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 80

Phishing Banking Scams Mobile 80

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations.

Energy and Utilities 106

Energy and Utilities Ransomware Malware Government 106

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. In case you missed any of them, here’s a recap of 2024’s most-read stories.

Scams 244

Scams Cybercrime Cryptocurrency Social Engineering 244

Krebs on Security

MARCH 14, 2025

In November 2024, KrebsOnSecurity reported that hundreds of hotels that use booking.com had been subject to targeted phishing attacks. Some of those lures worked, and allowed thieves to gain control over booking.com accounts. An alert (PDF) released in October 2024 by the U.S.

Phishing 287

Phishing Malware Scams Passwords 287

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 139

Backups VPN Ransomware Authentication 139

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 140

Backups Ransomware VPN Accountability 140

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 137

Firewall Authentication Accountability Risk 137

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed).

Hacking 263

Hacking Government Identity Theft Accountability 263

Security Affairs

MAY 27, 2025

A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. In October 2024, the Dutch police blamed a state actor for the recent data breach that exposed officers contact details, the justice minister told lawmakers.

Data breaches 89

Data breaches Government Hacking Manufacturing 89

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. The ransomware gang claims to have stolen sensitive data including accounting info and contracts. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 136

Ransomware Hacking Accountability Cyber Attacks 136

Heimadal Security

MARCH 20, 2025

In early 2024, background checking service National Public Data was hit by a massive cyberattack that potentially compromised the sensitive, personal information of millions, or possibly even billions, of people around the world, including U.S. residents. A year later, new security threats have gained traction.

Data breaches 103

Data breaches Artificial Intelligence Accountability Cybersecurity 103

Krebs on Security

DECEMBER 11, 2024

wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work The site Verif dot work, which processes payments through Cryptomus, sells financial accounts, including debit and credit cards. work and kopeechka[.]store store ; -anonymity or “proxy” providers like crazyrdp[.]com

Cryptocurrency 288

Cryptocurrency Banking Cybercrime Advertising 288

SecureList

DECEMBER 27, 2024

Statistics across all threats In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 1.5 The percentage of ICS computers on which malicious objects were blocked during the third quarter of 2024 was highest in July and September, and lowest inAugust. Regions and the world.

Malware 105

Malware Spyware Internet Internet 105

Malwarebytes

FEBRUARY 14, 2025

In October 2024, we found data reported to belong to Zacks containing 8,441 records which includes email addresses, physical addresses, phone numbers, and full names, and potentially other compromised user details. Protecting yourself after a data breach Losing data related to a financial account can have severe consequences.

Accountability 82

Accountability Data breaches Passwords Phishing 82

Security Affairs

DECEMBER 4, 2024

Veeam released security updates for a critical vulnerability, tracked as CVE-2024-42448 (CVSS score of 9.9) Veeam also addressed a vulnerability, tracked as CVE-2024-42449 (CVSS score 7.1) that could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine.

Backups 128

Backups Ransomware Accountability Hacking 128

BH Consulting

NOVEMBER 22, 2024

Microsoft moves to lock down admin accounts against exploits Microsoft is introducing a new security feature for Windows 11 called Admin Protection, designed to make admin accounts more secure during privileged or sensitive actions. Sign up here The post Security Roundup November 2024 appeared first on BH Consulting.

Accountability 72

Accountability Data privacy Scams Cybersecurity 72

Security Affairs

APRIL 15, 2025

Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. In December 2024, the U.S.

Data breaches 80

Data breaches Ransomware Software Hacking 80

Security Affairs

MAY 28, 2025

Apple blocked over $9B in fraud in 5 years, including $2B in 2024, stopping scams from deceptive apps to fake payment schemes on the App Store. In the past five years alone, Apple says it has blocked over $9 billion in fraudulent transactions, more than $2 billion of that in 2024, highlighting its ongoing efforts to keep users safe.

Scams 75

Scams Accountability Hacking Mobile 75

Security Affairs

OCTOBER 23, 2024

For instance, organizations can leverage DSPM to detect and catalog personally identifiable information (PII) spread across the organization’s data stores, SaaS services, or multi-cloud accounts. Similarly, GDPR also places great emphasis on implementing measures to prevent unauthorized access or sensitive data exposure.

Data privacy 137

Data privacy Unstructured Data Risk Data breaches 137

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation.” ” reads Google’s bulletin.

Media 129

Media Authentication Hacking Accountability 129

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. In 2024, law enforcement in India conducted multiple call center raids, disruptions, seizures, and arrests of the individuals alleged to be involved in perpetrating these crimes. billion in losses.

Cybercrime 73

Cybercrime Scams Internet Internet 73

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) ” On September 24, 2024, cloud hosting provider Rackspace reported an issue with its ScienceLogic EM7 monitoring tool. CISA orders federal agencies to fix this vulnerability by November 11, 2024.

Encryption 135

Encryption Hacking Accountability Cybersecurity 135

Security Affairs

OCTOBER 14, 2024

The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. “Between August 17 and August 19, a third party accessed and obtained certain information without authorization using two customer accounts that they had recently established.

Data breaches 140

Data breaches Financial Services Accountability Hacking 140

Krebs on Security

APRIL 30, 2025

Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024. Buchanan was arrested in June 2024 at the airport in Palma de Mallorca while trying to board a flight to Italy. As first reported by KrebsOnSecurity, Buchanan (a.k.a. ” U.S.

Identity Theft 197

Identity Theft Phishing Cryptocurrency Cybercrime 197