The FBI says it was authorized to mass-remove “PlugX” malware from more than 4,000 compromised machines in the United States © 2024 TechCrunch. All rights reserved. For personal use only.

Wiz named as a Customers’ Choice for Cloud Native Application Protection Platforms (CNAPP)

A new Interim Final Rule on Artificial Intelligence Diffusion issued in the US strengthens security, streamlines chip sales and prevents misuse of AI technology

Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. [...]

2024-12-26 • Weixin • 360 Threat Intelligence Center • win.comebacker Open article on Malpedia

A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]

Tennessee-based Mortgage Investors Group (MIG) did not outline how many customers were impacted by the attack but said they have hired a vendor to identify the affected individuals. The company...

The government of West Haven, a Connecticut city of more than 50,000 people, says it's investigating an incident that forced it to shut down its IT systems recently.

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place...

​North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea,...

Fortinet patched a zero day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024.BackgroundOn January 14,...

Browser-based cyber-threats surged in 2024, with credential abuse and infostealers on the rise

The following is the information on Yara and Snort rules (week 3, January 2025) collected and shared by the AhnLab TIP service. 5 YARA Rules Detection name Description Source...

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the...

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved...

Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in...

In a recent Telegram statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading."

Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel driver blocklist to prevent Bring Your Own Vulnerable Driver...

It won’t solve all of your privacy problems, but a virtual private network can make you a less tempting target for hackers.

Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...]

In the world of malware, common ransomware schemes aim to take the data within databases (considered the "gold" in the vault of any organization) and hold them hostage, promising data recovery...

Written by: Josh Triplett Executive Summary Backscatter is a tool developed by the Mandiant FLARE team that aims to automatically extract malware configurations. It relies on static signatures and...

10Critical147Important0Moderate0LowMicrosoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five...

Microsoft has released the Windows 11 KB5050009 and KB5050021 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]

A joint international statement provides the first official confirmation that North Korea was behind the $235M hack of WazirX, India's largest cryptocurrency exchange. © 2024 TechCrunch. All...

The Home Office has proposed a 'targeted ban' on ransom payments following a wave a cyberattacks targeting the UK © 2024 TechCrunch. All rights reserved. For personal use only.

Cybercriminals exploit fake YouTube links to redirect users to phishing pages, stealing login credentials via URI manipulation and…

Verizon Communications, an American telecommunications company, said that it has successfully contained the cyber incident, a fact confirmed... The post Verizon provides update on Salt Typhoon...

We evaluate the features, performance, security, and pricing of Windscribe VPN to help you determine if it's a reliable VPN service for your needs.

The World Economic Forum published Monday its Global Cybersecurity Outlook 2025 report that recognizes escalating geopolitical tensions and... The post WEF Global Cybersecurity Outlook 2025 report...