Remove Cryptocurrency Remove Cybercrime Remove Surveillance
article thumbnail

Happy 15th Anniversary, KrebsOnSecurity!

Krebs on Security

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. A surveillance photo of Connor Riley Moucka, a.k.a. Image: Shutterstock, Dreamansions.

Scams 247
article thumbnail

New PumaBot targets Linux IoT surveillance devices

Security Affairs

Darktrace researchers discovered a new botnet called PumaBot targets Linux-based IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and mine cryptocurrency. PumaBot skips broad internet scans and instead pulls a list of targets from its C2 server to brute-force SSH logins. ” states the report.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. Samy Tarazi is a sergeant with the Santa Clara County Sheriff’s office and a REACT supervisor.

Mobile 277
article thumbnail

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software New InfectedSlurs Mirai-based botnet exploits two zero-days SiegedSec hacktivist group hacked Idaho National Laboratory (INL) CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog Enterprise software provider TmaxSoft leaks 2TB of data (..)

article thumbnail

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

Camera Access: Starts front camera streaming for potential identity theft or surveillance. “Already observed targeting banks in Spain and Turkey and popular cryptocurrency wallets, Crocodilus is clearly engineered to go after high-value assets.” Data Theft: Captures Google Authenticator screen content to steal OTP codes.

Banking 68
article thumbnail

Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket CVE-2024-44243 macOS flaw allows persistent malware installation FBI deleted China-linked PlugX malware from over 4,200 US computers Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware (..)

Spyware 70
article thumbnail

Spyware, ransomware and Nation-state hacking: Q&A from a recent interview

Security Affairs

Spyware are powerful weapons in the arsenal of governments and cybercrime gangs. Pegasus is probably the most popular surveillance software on the market, it has been developed by the Israeli NSO Group. The surveillance business is growing in the dark and is becoming very dangerous. Is the Pegasus spyware as a game-changer?

Spyware 98