Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Promoting continuous learning in privacy tech, AI governance, and Zero Trust, alongside partnerships with educational institutions, helps build a skilled workforce to meet evolving regulatory demands.

Risk

Security Affairs

NOVEMBER 19, 2024

Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors.

Cybercrime

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Other critical sectors, including manufacturing and government facilities, also faced significant threats. The report highlights a staggering $16.6 billion in losses. Since 2022, the U.S.

Cybercrime

Security Affairs

JULY 18, 2025

Based on information from open sources, government experts linked multiple Phobos ransomware variants to Phobos intrusions due to observed similarities in Tactics, Techniques, and Procedures (TTPs). Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024.

Ransomware

Security Affairs

JUNE 22, 2025

Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses virtualization to hijack banking and crypto apps Cloudflare blocked record-breaking 7.3 Every week, the best security articles from Security Affairs are free in your email box.

Data breaches

Zero Day

JUNE 17, 2025

"The company and its founder have worked with government spy agencies and surveillance industry contractors to surveil mobile phones and track user location," Bloomberg reported. In this instance, the messages passed through a controversial Swiss outfit named Fink Telecom Services.

Authentication

Malwarebytes

MAY 1, 2025

The hackers hijacked the channels to spread cryptocurrency scams, while deleting some of the groups old videos in the process. The attack was largely reminiscent of a 2022 YouTube account hack that repurposed a 2018 interview with Apple CEO Tim Cook to fool viewers into following a separate cryptocurrency scam.

Small Business

SecureList

APRIL 23, 2025

We immediately took action by communicating meaningful information to the Korea Internet & Security Agency (KrCERT/CC) for rapid action upon detection, and we have now confirmed that the software exploited in this campaign has all been updated to patched versions. The software has since been updated with patched versions.

Malware

SecureList

MAY 28, 2025

2022: From zero to threat Zanubis was first observed in the wild around August 2022, initially targeting financial institutions and cryptocurrency exchange users in Peru. The once-broad range of targets, including cryptocurrency wallets, has been abandoned.

Banking

Cisco Security

JULY 7, 2025

In terms of technology, the Internet of Things (IoT) was still getting off the ground, and AI was largely still science fiction. And, the advent of Bitcoin and other cryptocurrencies has provided a relatively safe channel for ransom, extortion and other illicit payments. Endpoint security still meant antivirus agents.

Cyber Risk

Penetration Testing

JUNE 9, 2025

The most notable discovery in SentinelLABS’ investigation was that threat actors carried out reconnaissance against SentinelOne’s Internet-facing servers in October 2024, and even compromised a third-party IT logistics firm responsible for handling employee hardware.

Penetration Testing

Krebs on Security

NOVEMBER 5, 2024

government agencies and first responders. The IntelSecrets nickname corresponds to an individual who has claimed responsibility for modifying the source code for the Mirai “Internet of Things” botnet to create a variant known as “ Satori ,” and supplying it to others who used it for criminal gain and were later caught and prosecuted.

Cybercrime

Security Affairs

JUNE 21, 2025

Iran confirmed an Internet shutdown to counter Israeli cyberattacks, citing threats to critical infrastructure, and interfere with drone control. Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict. ” Government spokeswoman Fatemeh Mohajerani added.

Internet

Hacker's King

JULY 3, 2025

Ethereum ranks among the most recognized cryptocurrencies in the world, only behind Bitcoin. In addition, it possesses a cryptocurrency called Ether (ETH). What Distinguishes Ethereum from Other Cryptocurrencies? As a cryptocurrency, Ethereum has features that distinguish it from others. Why Should You Consider Ethereum?

Cryptocurrency

Schneier on Security

MAY 14, 2021

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. Ransomware in big business, made possible by insecure networks that allow criminals to gain access to networks in the first place, and cryptocurrencies that allow for payments that governments cannot interdict.

Ransomware

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies.

Cryptocurrency

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. government.

VPN

Security Affairs

FEBRUARY 19, 2024

Resecurity has identified an increasing trend of cryptocurrency counterfeiting, the experts found several tokens impersonating major brands, government organizations and national fiat currencies. Resecurity has identified an increasing trend of cryptocurrency counterfeiting.

Cryptocurrency

Security Affairs

NOVEMBER 8, 2021

The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency ATMs and Quick Response (QR) codes to complete payment transactions.

Cryptocurrency

Schneier on Security

MARCH 17, 2021

Many who buy cryptocurrencies like Bitcoin and Ethereum don’t bother using the ledger to verify their purchase. But none of this, so far, appears to seriously threaten those in power in governments and corporations. Imagine someone using this idea to evade government censorship. Most Bitcoin mining happens in China.

Cryptocurrency

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Today’s operation is not the first time the U.S.

Hacking

Krebs on Security

JULY 21, 2022

“It’s run by a fraud ring of cryptocurrency scammers who mine dating apps and other social media for victims and the scam is becoming alarmingly popular.” Many of these platforms include extensive study materials and tutorials on cryptocurrency investing. com, a scam cryptocurrency platform tied to a pig butchering scheme.

Scams

Security Affairs

AUGUST 29, 2022

FBI warns investors that crooks are increasingly exploiting security issues in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Threat actors are exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors’ cryptocurrency. Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency

Krebs on Security

DECEMBER 20, 2018

They accept payment via PayPal, Google Wallet, and/or cryptocurrencies, and subscriptions can range in price from just a few dollars to several hundred per month. ” For one thing, the booter services targeted in this takedown advertised the ability to “resolve” or determine the true Internet address of a target.

DNS

Krebs on Security

JUNE 15, 2021

According to the government, that database contained a large number of credit card numbers and stolen credentials from the Trickbot botnet, as well as information about infected machines available as bots. “Many in the gang not only knew her gender but her name too,” Holden wrote.

Cybercrime

SC Magazine

JUNE 28, 2021

A technician inspects the backside of a cryptocurrency mining farm in Saint Hyacinthe, Quebec. Cryptocurrency is famously anonymous, but evading capture is not the only reason cryptocurrency is the go-to payment solution for ransomware. First, understanding the role of cryptocurrency in ransomware. Would it work?

Cryptocurrency

Schneier on Security

MAY 3, 2019

Pervasive surveillance capitalism­ -- as practiced by the Internet companies that are already spying on everyone -- ­matters. This isn't sustainable, either for this issue or any of the other policy issues surrounding Internet security. We need staff positions throughout the government: executive, legislative, and judiciary branches.

Cybersecurity

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 9, 2024, U.S. On July 28 and again on Aug.

Social Engineering

Schneier on Security

MARCH 5, 2019

Pervasive surveillance capitalism -- ­as practiced by the Internet companies that are already spying on everyone­ -- matters. This isn't sustainable, either for this issue or any of the other policy issues surrounding Internet security. We need staff positions throughout the government: executive, legislative, and judiciary branches.

Cybersecurity

CSO Magazine

MAY 10, 2023

Security experts and scientists predict that quantum computers will one day be able to break commonly used encryption methods rendering email, secure banking, cryptocurrencies, and communications systems vulnerable to significant cybersecurity threats. To read this article in full, please click here

Government

Krebs on Security

MAY 13, 2024

The government alleges Khoroshev created, sold and used the LockBit ransomware strain to personally extort more than $100 million from hundreds of victim organizations, and that LockBit as a group extorted roughly half a billion dollars over four years. That’s what the government believes. Dmitry Yuryevich Khoroshev.

Cybercrime

Krebs on Security

MAY 9, 2023

They accept payment via PayPal, Google Wallet, and/or cryptocurrencies, and subscriptions can range in price from just a few dollars to several hundred per month. Booter services are advertised through a variety of methods, including Dark Web forums, chat platforms and even youtube.com. org and exoticbooter[.]com

DDOS

Security Boulevard

JUNE 18, 2025

The Iranian government has sharply restricted internet access in the country following almost a week of Israeli airstrikes and a cyberattacks on an Iranian bank and cryptocurrency exchange by a pro-Israeli hacker group called Predatory Sparrow.

Internet

Krebs on Security

DECEMBER 27, 2019

-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries , including state and local governments, financial services, healthcare, manufacturing, media, retail and software. When the site was first set up on Dec.

Ransomware

Schneier on Security

FEBRUARY 1, 2019

It's obvious in the debates on encryption and vulnerability disclosure, but it's also part of the policy discussions about the Internet of Things, cryptocurrencies, artificial intelligence, social media platforms, and pretty much everything else related to IT. Government Needs You. Government needs technologists at all levels.

Artificial Intelligence

SC Magazine

JUNE 28, 2021

A technician inspects the backside of a cryptocurrency mining farm in Saint Hyacinthe, Quebec. Cryptocurrency is famously anonymous, but evading capture is not the only reason cryptocurrency is the go-to payment solution for ransomware. First, understanding the role of cryptocurrency in ransomware. Would it work?

Cryptocurrency