Graham Cluley

OCTOBER 17, 2024

Read more in my article on the Tripwire State of Security blog. And boy do we need some good news - amid reports that 389 US-based healthcare institutions were hit by ransomware last year - more than one every single day.

Ransomware 138

Ransomware Encryption Healthcare Data breaches 138

Trend Micro

JUNE 16, 2025

This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.

DDOS 120

DDOS 120

Malwarebytes

MARCH 26, 2025

Through an automated attack disguised as a notice from Hunts chosen newsletter provider Mailchimp, scammers stole roughly 16,000 records belonging to current and past subscribers of Hunts blog. The email claimed that Mailchimp was temporarily cutting service to Hunt because his blog had allegedly received a spam complaint. Hunt wrote.

Phishing 127

Phishing Data breaches Scams Password Management 127

Troy Hunt

JULY 2, 2025

I alluded to Truyu being an excellent example of a potential partner in the aforementioned blog post, so their inclusion in this program should come as no surprise, but let me embellish further. If that happens as a result of the Qantas breach, at least I'm going to know about it early.

192

192

Schneier on Security

AUGUST 28, 2024

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.

Encryption 325

Encryption 325

Troy Hunt

MARCH 30, 2025

On that note, stay tuned for the promised "Passkeys for Normal People" blog post, I hope to be talking about that in next week's video (travel schedule permitting). I've no doubt whatsoever this is a net-positive event that will do way more good than harm.

Phishing 243

Phishing Data breaches Scams 243

Graham Cluley

OCTOBER 24, 2024

Read more in my article on the Tripwire State of Security blog. And the recent discovery of a new malware strain emphasises that the threat - even if much smaller than on Windows - remains real.

Ransomware 140

Ransomware Malware 140

Trend Micro

JUNE 17, 2025

This blog breaks down the attack chain. A recent attack campaign took advantage of exposed Docker Remote APIs and used the Tor network to deploy a stealthy cryptocurrency miner.

Cryptocurrency 125

Cryptocurrency Malware 125

Graham Cluley

JUNE 28, 2025

Read more in my article on the Hot for Security blog. Suspected high-ranking members of one of the world's largest online marketplaces for leaked data have been arrested by French police.

Cybercrime 106

Cybercrime Data breaches 106

Troy Hunt

MARCH 3, 2025

But the confusing nature of stealer logs coupled with an overtly long blog post explaining them and the conflation of which services needed a subscription versus which were easily accessible by anyone made for a very intense last 6 days. That was a bit intense, as is usually the way after any large incident goes into HIBP.

Passwords 257

Passwords Accountability Malware 257

Krebs on Security

MARCH 14, 2025

. “This campaign delivers multiple families of commodity malware, including XWorm, Lumma stealer, VenomRAT, AsyncRAT, Danabot, and NetSupport RAT,” Microsoft wrote in a blog post on Thursday. “Depending on the specific payload, the specific code launched through mshta.exe varies.

Phishing 292

Phishing Scams Malware Passwords 292

Schneier on Security

JULY 19, 2024

He’s written a blog post about what he’s learned and what comes next. Brett Solomon is retiring from AccessNow after fifteen years as its Executive Director.

302

302

Krebs on Security

MARCH 11, 2025

. “Garantex has been used in sanctions evasion by Russian elites, as well as to launder proceeds of crime including ransomware, darknet market trade and thefts attributed to North Koreas Lazarus Group,” Elliptic wrote in a blog post.

Ransomware 287

Ransomware Cryptocurrency Marketing Government 287

Schneier on Security

JUNE 25, 2025

I’ll quote the last section, “User Interaction Metadata”, in full because it includes some interesting specific technical notes: [Blog editor note: The list below has been reformatted for as a numbered list for readability.] Topics were discussed between June 2024 and October 2024. User is currently in United States.

Architecture 328

Architecture Surveillance Accountability VPN 328

Graham Cluley

JUNE 25, 2025

Read more in my article on the Hot for Security blog. A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent.

Cybercrime 98

Cybercrime Accountability Phishing Ransomware 98

Graham Cluley

JUNE 27, 2025

Find out how it is different from other ransomware, and read more in my article on the Fortra blog. SafePay is a relatively new ransomware that is making a big impact.

Ransomware 114

Ransomware Malware 114

Security Boulevard

DECEMBER 9, 2024

This blog post explores how maintaining USB security mitigates insider threats and fosters a secure workplace environment. The post The Role of USB Security in Combating Insider Threats appeared first on Security Boulevard.

Software 132

Software Security Awareness Cybersecurity 132

Krebs on Security

JANUARY 7, 2025

The image that Lookout used in its blog post for Crypto Chameleon can be seen in the lower right hooded figure. That latter domain was created and deployed shortly after Lookout published its blog post on Crypto Chameleon. com and two other related control domains — thebackendserver[.]com com and lookoutsucks[.]com.

Phishing 343

Phishing Cryptocurrency Accountability Social Engineering 343

Cisco Security

JUNE 16, 2025

Learn what sets Cisco XDR apart in our blog. Cisco has been named a Leader and Fast Mover in GigaOm's Radar for Extended Detection and Response (XDR).

110

110

Krebs on Security

OCTOBER 17, 2024

. “Where their potential impact becomes really significant is when they then acquire access to thousands of other machines — typically misconfigured web servers — through which almost anyone can funnel attack traffic,” Amazon explained in a blog post.

DDOS 279

DDOS Government Internet Internet 279

Graham Cluley

JUNE 12, 2025

Read more in my article on the Hot for Security blog. The spate of cyber attacks impacting the retail industry continues, with the latest victim being United Natural Foods (UNFI), which supplies organic produce to Whole Foods, Amazon, Target, and Walmart, amongst many others.

Cyber Attacks 110

Cyber Attacks Retail Ransomware Malware 110

Graham Cluley

JUNE 20, 2025

Read more in my article on the Hot for Security blog. Krispy Kreme, the dispenser of delectable doughnuts, has revealed that an astonishingly wide range of personal information belonging to past and present employees, as well as members of their families, was accessed by hackers during a cyber attack last year.

Hacking 100

Hacking Cyber Attacks Data breaches 100

Penetration Testing

NOVEMBER 5, 2024

A recent blog by security researcher Hossam Ehab has detailed an advanced technique for process injection through manipulation of the Kernel Callback Table within the Process Environment Block (PEB) on... The post Stealthy Process Injection: New Kernel Callback Table Technique Exposed appeared first on Cybersecurity News.

Cybersecurity 113

Cybersecurity Malware 113

Krebs on Security

JANUARY 14, 2025

Further reading on today’s patches from Microsoft: Tenable blog SANS Internet Storm Center Ask Woody And if you run into any problems installing this month’s patch batch, drop a line in the comments below, please.

Artificial Intelligence 298

Artificial Intelligence Social Engineering Encryption Internet 298

Schneier on Security

SEPTEMBER 17, 2024

On this blog, let’s stick to the tech and the security ramifications of the threat. And it seems to be a large detonation for an overloaded battery. This reminds me of the 1996 assassination of Yahya Ayyash using a booby trapped cellphone. EDITED TO ADD: I am deleting political comments.

69

69

Adam Shostack

JANUARY 2, 2025

That the White House is involved should not be a shocker to readers of this blog, and it represents a fascinating state of the evolution of the conversation around memory safety that it would reach that level. Blog overview or direct link.) Regulation The White House released a report on memory safe languages.

Software 130

Software Advertising Hacking 130

Graham Cluley

JULY 1, 2025

Read more in my article on the Hot for Security blog. French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients.

Banking 91

Banking Mobile 91

Heimadal Security

NOVEMBER 1, 2024

The same threat actors breached the tech giant earlier this week and are responsible for the notorious SolarWinds supply chain attack […] The post Microsoft Warns: Midnight Blizzard’s Ongoing Spear-Phishing Campaign with RDP Files appeared first on Heimdal Security Blog.

Phishing 98

Phishing Cybersecurity 98

Graham Cluley

MAY 16, 2025

Read more in my article on the Fortra blog. Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals.

Healthcare 98

Healthcare Data breaches 98

Schneier on Security

MARCH 21, 2025

The UK’s National Computer Security Center (part of GCHQ) released a timeline —also see their blog post —for migration to quantum-computer-resistant cryptography. It even made The Guardian.

249

249

Schneier on Security

AUGUST 12, 2024

Through this analysis, we illuminate key and novel patterns in misuse during this time period, including potential motivations, strategies, and how attackers leverage and abuse system capabilities across modalities (e.g. image, text, audio, video) in the wild. Note the graphic mapping goals with strategies.

Artificial Intelligence 321

Artificial Intelligence Risk 321

Heimadal Security

NOVEMBER 22, 2024

The same agencies issued a joint advisory in May that warned about BianLian’s shifting tactics, which […] The post CISA: BianLian Ransomware Focus Switches to Data Theft appeared first on Heimdal Security Blog.

Ransomware 104

Ransomware Cybersecurity 104

Heimadal Security

JANUARY 16, 2025

This article outlines the crucial steps for aligning with NIS2 standards, drawn from our comprehensive NIS2 […] The post Your Ultimate Guide to NIS2 Compliance: Key Steps and Insights appeared first on Heimdal Security Blog.

Cyber Risk 111

Cyber Risk Risk Cybersecurity 111

Krebs on Security

MAY 22, 2025

Further reading: Danabot: Analyzing a Fallen Empire ZScaler blog: DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense Flashpoint: Operation Endgame DanaBot Malware March 2022 criminal complaint v. Separately, Microsoft filed a civil lawsuit to seize control over 2,300 domain names used by Lumma Stealer and its affiliates.

Malware 260

Malware Cybercrime Government Banking 260

Adam Shostack

FEBRUARY 18, 2025

If youve read my recent blog post on Hoarding, Debt and Threat Modeling , youll hear me reiterate how people often try to model everything at once and get overwhelmed in the process. I wanted to share some key themes we explored. One of the core messages I emphasized is how we can make threat modeling more accessible.

130

130

Troy Hunt

MARCH 11, 2025

Part of that is this blog post heralding what's to come, and part of it is also open sourcing the ux-rebuild repository. I'm really stoked with the work the guys I've mentioned in this blog post have done, but there will be other great ideas that none of us have thought of yet.

Passwords 351

Passwords Internet Internet 351

Krebs on Security

OCTOBER 30, 2024

“Affected insurance providers can contact us to prevent leaking of their own data and [remove it] from the sale,” RansomHub’s victim shaming blog announced on April 16. A few days after BlackCat imploded, the same stolen healthcare data was offered for sale by a competing ransomware affiliate group called RansomHub.

Healthcare 306

Healthcare Insurance Computers and Electronics Data breaches 306