Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN 301

VPN Banking Cybercrime Internet 301

Malwarebytes

FEBRUARY 19, 2025

And in 2024, one malicious program in particular is responsible for the lions share of info stealer activityracking up 70% of known info stealer detections on Mac. By January 2024, AMOS had increased its price to $3,000 a month. But in the world of cybercrime, malware features only mean so much.

Malware 135

Malware Software Passwords Cryptocurrency 135

SecureList

NOVEMBER 23, 2023

As we look to 2024, we believe that the consumer threat landscape will be heavily influenced by political, cultural, and technological events and trends. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024. In Canada, a similar ban on the WeChat messenger was introduced in October.

VPN 133

VPN Scams Education Internet 133

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Troy Hunt

FEBRUARY 25, 2025

This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data. It was reproducible too: when I saw "something went wrong", but the path began with "mx", I VPN'd into Mexico City and Netflix happily confirmed the reset email was sent.

Passwords 362

Passwords Accountability VPN Malware 362

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software.

Backups 130

Backups Ransomware VPN Authentication 130

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. The proliferation of cybercrime guides on forums and a 7% rise in insider threat content, driven by significant financial incentives, highlight the growing complexity of cybersecurity challenges.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Security Affairs

APRIL 7, 2025

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. In 2024, he shifted to cybercrime, starting with low-level roles in vishing and ransomware, later moving into malware and vulnerability research that drew wide attention.

Cybercrime 71

Cybercrime Malware Hacking VPN 71

Security Affairs

MARCH 14, 2025

The threat actor exploited CVE-2024-55591 and CVE-2025-24472 in FortiOS and FortiProxy to gain super-admin access on vulnerable Fortinet appliances. “CVE-2024-55591 and CVE-2025-24472 allow unauthenticated attackers to gain super_admin privileges on vulnerable FortiOS devices (<7.0.16) with exposed management interfaces.”

Firewall 66

Firewall Ransomware VPN Encryption 66

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 71

Cybercrime Firewall Social Engineering Ransomware 71

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 131

VPN Cybercrime Ransomware Hacking 131

Security Affairs

JUNE 6, 2025

In October 2024, the Dutch police announced it has dismantled the infrastructure used by RedLine and Meta infostealers as part of an international law enforcement operation led by Eurojust that was code-named Operation Magnus. Consider extra security layers : Use additional protection like a VPN for safer online activity.

Malware 81

Malware Passwords Identity Theft Accountability 81

Security Affairs

JULY 2, 2024

“The man, 42, is expected to appear in Perth Magistrates Court today (28 June, 2024) to face nine charges for alleged cybercrime offences.” The man was charged in May 2024 following an investigation launched in April 2024 after an airline reported a suspicious WiFi network during a domestic flight.

Cybercrime 128

Cybercrime Wireless Banking VPN 128

Zero Day

JUNE 6, 2025

The data in question was posted on a Russian cybercrime forum on May 15 and then uploaded again on June 3, apparently garnering attention from other cybercriminals and potential buyers. The records are being linked to the same ones compromised by cybercriminals in a data breach that AT&T announced in July of 2024.

Password Management 98

Password Management Passwords Artificial Intelligence Software 98

Krebs on Security

MAY 23, 2024

PROXY WARS Security experts say that not long after the war started, Stark began hosting dozens of proxy services and free virtual private networking (VPN) services, which are designed to help users shield their Internet usage and location from prying eyes. is a company that tracks VPNs and proxy services worldwide.

DDOS 335

DDOS Internet Internet Government 335

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks.

Ransomware 127

Ransomware Authentication Encryption Manufacturing 127

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 140

VPN Accountability Firewall Data breaches 140

Security Affairs

JUNE 6, 2025

Threat intelligence firm PRODAFT warned that Qilin ransomware (aka Phantom Mantis) group targeted multiple organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762 , and CVE-2024-55591. in FortiOS SSL VPN was actively exploited in attacks in the wild. through 7.0.16

Ransomware 52

Ransomware Authentication VPN Healthcare 52

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 124

Data breaches VPN Cloud Migration Cybercrime 124

Security Affairs

JULY 14, 2024

roads, collecting detailed data with cameras and lasers Shopify denies it was hacked, links stolen data to third-party app The July 2024 Security Update Review Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? Patch it now! million miles on U.S.

Data breaches 118

Data breaches VPN Malware Banking 118

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 70

Spyware Firewall Artificial Intelligence Malware 70

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Artificial Intelligence 129

Artificial Intelligence Hacking VPN Firewall 129

Security Boulevard

JANUARY 2, 2024

Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024. In fact, 2023 saw an increase in VPN vulnerabilities and, accordingly, nearly 1 in 2 organizations reported that they experienced VPN-related attacks.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Security Affairs

AUGUST 23, 2024

The Qilin ransomware group has been active since at least 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare. The attackers breached the organization via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA).

Ransomware 135

Ransomware Cybercrime Passwords VPN 135

Security Affairs

FEBRUARY 11, 2024

Cybersecurity Announcement of a Visa Restriction Policy to Promote Accountability for the Misuse of Commercial Spyware Critical Security Issue Affecting TeamCity On-Premises (CVE-2024-23917) – Update to 2023.11.3

Spyware 125

Spyware Surveillance DDOS Identity Theft 125

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 130

Data breaches Hacking Small Business Malware 130

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 123

Identity Theft VPN Malware Ransomware 123

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 131

Data breaches Ransomware Phishing Malware 131

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. August 7, 2024: The advisory was updated to notify network defenders of the rebrand of “Royal” ransomware actors to “BlackSuit.”

Ransomware 131

Ransomware Manufacturing VPN Healthcare 131

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 116

Data breaches VPN Hacking Banking 116

The Last Watchdog

SEPTEMBER 18, 2024

18, 2024, CyberNewsWire — SpyCloud , the leader in Cybercrime Analytics, today announced new cybersecurity research highlighting the growing and alarming threat of infostealers – a type of malware designed to exfiltrate digital identity data, login credentials, and session cookies from infected devices. Austin, TX, Sept.

Ransomware 113

Ransomware Malware Cybercrime Authentication 113

SecureWorld News

AUGUST 28, 2024

The vulnerability, CVE-2024-39717 , affects Versa Director versions 21.2.3, Researchers at Lumen's Black Lotus Labs discovered the exploit on June 17, 2024, after analyzing a suspicious file uploaded to VirusTotal. Further investigation revealed that Volt Typhoon had exploited this vulnerability since June 12, 2024. and 22.1.3.

VPN 109

VPN Firewall Accountability Internet 109

Security Affairs

JANUARY 12, 2025

CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog Threat actors breached the Argentinas airport security police (PSA) payroll Moxa router flaws pose serious risks to industrial environmets US adds Tencent to the list of companies supporting Chinese military Eagerbee backdoor targets govt entities (..)

Data breaches 61

Data breaches Phishing Social Engineering Engineering 61

Security Affairs

MARCH 11, 2024

The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN. A financially motivated threat actor named Magnet Goblin made the headlines for rapidly adopting and exploiting 1-day vulnerabilities, CheckPoint warned.

Malware 133

Malware VPN Encryption Hacking 133

Webroot

OCTOBER 1, 2024

Keeping technology up to date Another simple weapon in the war on cybercrime – keeping your devices, software and apps up to date. Use a VPN A virtual private network (VPN) protects your online privacy and helps keep your information safe. October is the perfect time to make sure you don’t get spooked by cybercrime.

Security Awareness 115

Security Awareness Backups Passwords Password Management 115