-
Volcano Demon ransomware group rings its victims to extort money
Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. Read more in my article on the Tripwire State of Security blog. Read More
-
Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024
Certik observed the loss of $1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector Read More
-
Gamers’ Data Exposed in RPG Platform Roll20 Breach
Roll20 confirmed its administrative website account was accessed by a “bad actor,” leaving its users’ personal information exposed Read More
-
New Ransomware Group Phones Execs to Extort Payment
Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying Read More
-
UK’s NCA Leads Major Cobalt Strike Takedown
Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike Read More
-
Smashing Security podcast #379: Private nights, evil twins, and crypto home invasions
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this…
-
The Not-So-Secret Network Access Broker x999xx
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,”…
-
WordPress Plugins at Risk From Polyfill Library Compromise
The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a China-based entity Read More
-
Microsoft Uncovers Major Flaws in Rockwell PanelView Plus
The vulnerabilities stem from manipulable custom classes in PanelView Plus Read More
-
New Open SSH Vulnerability
It’s a serious one: The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration. […] This vulnerability, if exploited, could lead to full system compromise…