Lumma infostealer infected about 10 million systems before global disruption
Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.
Advertisement
Showing 10 of 79 results
-
(Photo by STEFANI REYNOLDS/AFP via Getty Images) Cybercrime -
(Scoop News Group graphic) Cybersecurity A house full of open windows: Why telecoms may never purge their networks of Salt Typhoon
Experts tell CyberScoop that the U.S. telecom system is just too technologically fragmented to gather a clear picture of threats, and too big to ever fully eject all espionage efforts.
-
Signage at the headquarters of SAP AG, Germany’s largest software company on January 8, 2013 in Walldorf, Germany. (Photo by Thomas Lohnes/Getty Images) Ransomware SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons
Multiple firms are tracking the zero-day attacks on Europe’s top software firm.
-
Students participate in a commemorative march near the Arch of Triumph in Pyongyang on April 25, 2025, to mark the 93rd anniversary of the Korean People’s Revolutionary Army. (Photo by KIM Won Jin / AFP) Geopolitics North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism
A new report from DTEX Systems is the deepest look at how North Korea’s remote IT workforce schemes are the tip of the iceberg when it comes to its cyber operations.
-
Andriy Onufriyenko, via Getty Images Cybersecurity String of defects in popular Kubernetes component puts 40% of cloud environments at risk
Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.
-
(Getty) Threats Silk Typhoon shifted to specifically targeting IT management companies
The Chinese state-backed espionage group started targeting third-party IT services in late 2024, Microsoft researchers said.
-
Sponsored Sponsored Content Managing the risks of local administrator privileges in a zero-trust world
ThreatLocker CEO Danny Jenkins emphasizes the importance of limiting local administrator privileges. He also advocates for Enterprise Privilege Management (EPM) solutions and effective user communication to balance security with productivity.
-
On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers to remotely inject commands into the operating system. (Getty Images) Research Thousands of industrial routers vulnerable to command injection flaw
The vulnerability, found in versions of Four-Faith routers, appears to have been exploited in the wild and has been connected to attempted infections of Mirai.
-
(Getty Images) Threats FBI joint operation takes down massive Chinese botnet, Wray says
Flax Typhoon targeted critical infrastructure in the U.S. and abroad, and Black Lotus Labs researchers observed a “large scanning effort” targeting U.S. military and government.
-
OAKLAND, CALIFORNIA – MARCH 20: In an aerial view, pools of water are visible at the East Bay Municipal Utility District Wastewater Treatment Plant on March 20, 2024 in Oakland, California. The Biden administration and the Environmental Protection Agency (EPA) are warning states of possible cyberattacks on water systems after recents attacks including one by the Cyber Av3ngers, a group linked to the Iran’s Islamic Revolutionary Guard Corps, that targeted internet-facing programmable logic controllers at Pennsylvania’s Municipal Water Authority of Aliquippa. (Photo by Justin Sullivan/Getty Images) Government EPA ‘urgently’ needs to step up cybersecurity assistance for the water sector, GAO says
The watchdog said the agency lacks “cybersecurity-related goals, objectives, activities, and performance measures.”