News

Beyond the kill chain: What cybercriminals do with their money (Part 3)

Bys s May 15, 2025

In the third of our five-part series, Sophos X-Ops explores the more legally and ethically dubious business interests of financially motivated threat actors

News

With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court
Bys s January 29, 2025

With only two weeks until his trial was scheduled to start, Australian national David Kee Crees informed a federal court in Colorado that he wanted to change his plea to guilty. On January 15, he pleaded guilty to 14 out of 22 counts. Background Crees, a 26 year-old Australian, was known online as Abdilo, DR32,…

Read More With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court
News

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year
Bys s January 7, 2025

It’s time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing…

Read More Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year
News

CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog
Bys s June 10, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-32433 (CVSS score: 10.0) – A missing authentication for a critical

Read More CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog
News

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
Bys s April 18, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure

Read More CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
News

GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
Bys s January 27, 2025

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and…

Read More GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
News

2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program
By December 24, 2024

The 2025 National Defense Authorization Act (NDAA) has been signed into law and it authorizes several cyber-related initiatives. The post 2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program appeared first on SecurityWeek.

Read More 2025 NDAA Provides $3 Billion Funding for FCC’s Rip-and-Replace Program

Similar Posts