Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation
Written by: Nic Losby Introduction Mandiant is publicly releasing a comprehensive dataset of Net-NTLMv1 rainbow tables to underscore the urgency of migrating away from this outdated protocol. Despite Net-NTLMv1 being deprecated and known to be insecure for over two decades—with
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" made headlines regularly this year by stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technic
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious connections to a Kremlin-connected oligarch whose Russian university builds drones for Russia's war against Ukraine.
Most Parked Domains Now Serving Malicious Content
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now
Happy 16th Birthday, KrebsOnSecurity.com!
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge "thank you" to all of our readers -- newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was
When the Cloud Rains on Everyone's IoT Parade
What happens to all of those always-connected devices when the cloud goes down? Disruptions to sleep, school, and smart homes, just to name a few issues.
CTO New Year's Resolutions for a More Secure 2026
From securing supply chain defenses and MCPs across AI workflows to formal AI and quantum governance, experts share their wish lists for cyber safety in 2026.
Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats
Cybersecurity experts discuss 2026 predictions, highlighting the rise of AI-driven threats, the shift to resilience over prevention, and the urgent need for advanced security measures to combat evolving risks.
CISOs Face a Tighter Insurance Market in 2026
Insured entities are becoming more sophisticated in their views on how cyber policies fit into their broader risk management plans.
Advisor360 Gets a Handle on Shadow AI via Automation
With employees looking for the benefits of artificial intelligence, a fintech company stepped up controls with automation.
_designer491_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Startup Trends Shaking Up Browsers, SOC Automation, AppSec
These startups reimagined browser security, pioneered application security for AI-generated code, and are building consensus on agentic vs. human costs.
Scattered Lapsus$ Hunters Snared in Cyber Researcher Honeypot
Scattered Lapsus$ Hunters, also known as ShinyHunters, were drawn in using a realistic, yet mostly fake, dataset.