A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]
Eleven11bot infects webcams and video recorders, with a large concentration in the US.
Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the…
From DeepSeek adoption to impact on security and governance.
A Memphis man was arrested and charged with stealing DVDs and Blu-ray discs of unreleased movies and sharing ripped digital copies online before their release. [...]
AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection
Abuse of Active Directory Certificate Services (AD CS) has become a staple of our internal network assessment methodology. In fact, I can’t recall an internal I’ve done in the past two or more...
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat...
We identified multiple vulnerabilities in ICONICS Suite, SCADA software used in numerous OT applications. This article offers a technical analysis of our findings. The post Multiple...
2025-02-27 • SC Media • SC Staff Open article on Malpedia
2025-02-28 • Palo Alto Networks Unit 42 • Margaret Kelley Open article on Malpedia
The administrators of the Russian Garantex crypto-exchange have been charged in the United States with facilitating money laundering for criminal organizations and violating sanctions. [...]
2025-02-27 • AhnLab • ASEC Open article on Malpedia
The FBI is warning that scammers are impersonating the BianLian ransomware gang using fake ransom notes sent to U.S. corporate executives. The fake ransom notes, first reported by U.S....
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability...
The Federal Bureau of Investigation (FBI) has alerted businesses about a disturbing new data extortion scam targeting corporate executives. The scheme, which is being orchestrated by criminals...
Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m
Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal...
Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. [...]
The U.S. National Institute of Standards and Technology (NIST) released an initial public draft of a Cybersecurity White... The post NIST releases draft cybersecurity white paper on crypto...
Recent findings from Symantec indicate a significant rise in Medusa ransomware activity, which is reportedly being operated as... The post Symantec reports Medusa ransomware surges 42%, as...
The U.S. House Committee on Homeland Security held a full committee hearing on Wednesday to examine threats posed... The post US House Committee warns of homeland security threats from CCP...
Elastic has released a critical security update to address a vulnerability in Kibana, a widely used data visualization and analysis tool for Elasticsearch. This Kibana vulnerability, identified as...
Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. [...]
On this week's episode,we explore some updates to familiar AI tools like Suno, some new models like Wan2.0, and talk about Perry's upcoming Offensive Cyber Deception class this summer! Perry...
In an alert on Thursday, the FBI said scammers are mailing letters to corporate executives claiming that they stole sensitive data and will publish it unless a demand is paid in Bitcoin.
At 49, Branden Spikes isn't just one of the oldest technologists who has been involved in Elon Musk's Department of Government Efficiency (DOGE). As the current director of information technology...
Wherever you are - airport, hotel, doctor's office - this top-rated password manager can now surface the passwords most relevant to your location.
Microcode is code that runs during instruction execution. Much of this is in hardware, but some is small RISC instructions stored in some small storage on the chip itself. This makes bugs in the...
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-03-07, 2 days ago. The vendor is given until...