[Krebs on Security] 911 Proxy Service Implodes After Disclosing Breach

Krebs on Security has posted a new item. 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten… Continue reading [Krebs on Security] 911 Proxy Service Implodes After Disclosing Breach

Published
Categorized as Security

[Krebs on Security] Breach Exposes Users of Microleaves Proxy Service

Krebs on Security has posted a new item. Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, exposed their entire user database and the location of tens of millions of PCs running the proxy software. Microleaves claims its proxy software is installed with user consent. But… Continue reading [Krebs on Security] Breach Exposes Users of Microleaves Proxy Service

Published
Categorized as Security

[Krebs on Security] A Retrospective on the 2015 Ashley Madison Breach

Krebs on Security has posted a new item. It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison users, and to at least two suicides. To date, little is publicly known about… Continue reading [Krebs on Security] A Retrospective on the 2015 Ashley Madison Breach

Published
Categorized as Security

[Krebs on Security] Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security has posted a new item. U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that… Continue reading [Krebs on Security] Massive Losses Define Epidemic of ‘Pig Butchering’

Published
Categorized as Security

[Krebs on Security] A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security has posted a new item. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route malicious traffic through PCs in virtually any country or city around the globe — but predominantly in the United States.… Continue reading [Krebs on Security] A Deep Dive Into the Residential Proxy Service ‘911’

Published
Categorized as Security

[Krebs on Security] Why 8kun Went Offline During the January 6 Hearings

Krebs on Security has posted a new item. The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former President Trump’s invitation to “be wild” in Washington, D.C. on that chaotic day. At the same time… Continue reading [Krebs on Security] Why 8kun Went Offline During the January 6 Hearings

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, July 2022 Edition

Krebs on Security has posted a new item. Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the… Continue reading [Krebs on Security] Microsoft Patch Tuesday, July 2022 Edition

Published
Categorized as Security

[Krebs on Security] Experian, You Have Some Explaining to Do

Krebs on Security has posted a new item. Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.… Continue reading [Krebs on Security] Experian, You Have Some Explaining to Do

Published
Categorized as Security

[Krebs on Security] The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security has posted a new item. On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs… Continue reading [Krebs on Security] The Link Between AWM Proxy & the Glupteba Botnet

Published
Categorized as Security

[Krebs on Security] Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security has posted a new item. Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the… Continue reading [Krebs on Security] Meet the Administrators of the RSOCKS Proxy Botnet

Published
Categorized as Security

[Krebs on Security] Why Paper Receipts are Money at the Drive-Thru

Krebs on Security has posted a new item. Check out the handmade sign posted to the front door of a shuttered Jimmy John’s sandwich chain shop in Missouri last week. See if you can tell from the store owner’s message what happened. krebsonsecurity.com/2022/06/why-paper-receipts-are-money-at-the-drive-thru/ Please use the link above to continue reading this posting. * *… Continue reading [Krebs on Security] Why Paper Receipts are Money at the Drive-Thru

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, June 2022 Edition

Krebs on Security has posted a new item. Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that’s seen active exploitation for at least two months now. On a lighter… Continue reading [Krebs on Security] Microsoft Patch Tuesday, June 2022 Edition

Published
Categorized as Security

[Krebs on Security] Ransomware Group Debuts Searchable Victim Data

Krebs on Security has posted a new item. Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim… Continue reading [Krebs on Security] Ransomware Group Debuts Searchable Victim Data

Published
Categorized as Security

[Krebs on Security] "Downthem" DDoS-for-Hire Boss Gets 2 Years in Prison

Krebs on Security has posted a new item. A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against hundreds of thousands of Internet users and websites. krebsonsecurity.com/2022/06/downthem-ddos-for-hire-boss-gets-2-years-in-prison/ Please use the link above to… Continue reading [Krebs on Security] "Downthem" DDoS-for-Hire Boss Gets 2 Years in Prison

Published
Categorized as Security

[Krebs on Security] Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security has posted a new item. On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrepresentation… Continue reading [Krebs on Security] Adconion Execs Plead Guilty in Federal Anti-Spam Case

Published
Categorized as Security

[Krebs on Security] KrebsOnSecurity in New Netflix Series on Cybercrime

Krebs on Security has posted a new item. Netflix has a new documentary series airing next week — “Web of Make Believe: Death, Lies & the Internet” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “swatting” — wherein fake bomb threats… Continue reading [Krebs on Security] KrebsOnSecurity in New Netflix Series on Cybercrime

Published
Categorized as Security

[Krebs on Security] What Counts as "Good Faith Security Research?"

Krebs on Security has posted a new item. The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers… Continue reading [Krebs on Security] What Counts as "Good Faith Security Research?"

Published
Categorized as Security

[Krebs on Security] Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Krebs on Security has posted a new item. Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware… Continue reading [Krebs on Security] Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Published
Categorized as Security

[Krebs on Security] Senators Urge FTC to Probe ID.me Over Selfie Data

Krebs on Security has posted a new item. Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service, which… Continue reading [Krebs on Security] Senators Urge FTC to Probe ID.me Over Selfie Data

Published
Categorized as Security

[Krebs on Security] When Your Smart ID Card Reader Comes With Malware

Krebs on Security has posted a new item. Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. But many government employees aren’t issued an approved… Continue reading [Krebs on Security] When Your Smart ID Card Reader Comes With Malware

Published
Categorized as Security

[Krebs on Security] DEA Investigating Breach of Law Enforcement Data Portal

Krebs on Security has posted a new item. The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates… Continue reading [Krebs on Security] DEA Investigating Breach of Law Enforcement Data Portal

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, May 2022 Edition

Krebs on Security has posted a new item. Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month’s patch batch includes fixes for seven “critical” flaws, as well as a zero-day vulnerability that affects all supported versions of Windows. krebsonsecurity.com/2022/05/microsoft-patch-tuesday-may-2022-edition/ Please use the… Continue reading [Krebs on Security] Microsoft Patch Tuesday, May 2022 Edition

Published
Categorized as Security

[Krebs on Security] Your Phone May Soon Replace Many of Your Passwords

Krebs on Security has posted a new item. Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing… Continue reading [Krebs on Security] Your Phone May Soon Replace Many of Your Passwords

Published
Categorized as Security

[Krebs on Security] Russia to Rent Tech-Savvy Prisoners to Corporate IT?

Krebs on Security has posted a new item. Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within the nation’s prison population to perform low-cost IT work… Continue reading [Krebs on Security] Russia to Rent Tech-Savvy Prisoners to Corporate IT?

Published
Categorized as Security

[Krebs on Security] You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Krebs on Security has posted a new item. Google said this week it is expanding the types of data people can ask to have removed from search results, to include personal contact information like your phone number, email address or physical address. The move comes just months after Google rolled out a new policy enabling… Continue reading [Krebs on Security] You Can Now Ask Google to Remove Your Phone Number, Email or Address from Search Results

Published
Categorized as Security

[Krebs on Security] Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security has posted a new item. When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former… Continue reading [Krebs on Security] Fighting Fake EDRs With ‘Credit Ratings’ for Police

Published
Categorized as Security

[Krebs on Security] Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Krebs on Security has posted a new item. KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a… Continue reading [Krebs on Security] Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Published
Categorized as Security

[Krebs on Security] Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security has posted a new item. Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than… Continue reading [Krebs on Security] Conti’s Ransomware Toll on the Healthcare Industry

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, April 2022 Edition

Krebs on Security has posted a new item. Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security… Continue reading [Krebs on Security] Microsoft Patch Tuesday, April 2022 Edition

Published
Categorized as Security

[Krebs on Security] RaidForums Get Raided, Alleged Admin Arrested

Krebs on Security has posted a new item. The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also… Continue reading [Krebs on Security] RaidForums Get Raided, Alleged Admin Arrested

Published
Categorized as Security

[Krebs on Security] Double-Your-Crypto Scams Share Crypto Scam Host

Krebs on Security has posted a new item. Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from… Continue reading [Krebs on Security] Double-Your-Crypto Scams Share Crypto Scam Host

Published
Categorized as Security

[Krebs on Security] Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security has posted a new item. The U.S. Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. and Germany moved… Continue reading [Krebs on Security] Actions Target Russian Govt. Botnet, Hydra Dark Market

Published
Categorized as Security

[Krebs on Security] The Original APT: Advanced Persistent Teenagers

Krebs on Security has posted a new item. Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to… Continue reading [Krebs on Security] The Original APT: Advanced Persistent Teenagers

Published
Categorized as Security

[Krebs on Security] Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security has posted a new item. On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is… Continue reading [Krebs on Security] Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Published
Categorized as Security

[Krebs on Security] Hackers Gaining Power of Subpoena Via Fake "Emergency Data Requests"

Krebs on Security has posted a new item. There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized… Continue reading [Krebs on Security] Hackers Gaining Power of Subpoena Via Fake "Emergency Data Requests"

Published
Categorized as Security

[Krebs on Security] Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

Krebs on Security has posted a new item. An Estonian man was sentenced today to more than five years in a U.S. prison for his role in at least 13 ransomware attacks that caused losses of approximately $53 million. Prosecutors say the accused also enjoyed a lengthy career of “cashing out” access to hacked bank… Continue reading [Krebs on Security] Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

Published
Categorized as Security

[Krebs on Security] A Closer Look at the LAPSUS$ Data Extortion Group

Krebs on Security has posted a new item. Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of… Continue reading [Krebs on Security] A Closer Look at the LAPSUS$ Data Extortion Group

Published
Categorized as Security

[Krebs on Security] ‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security has posted a new item. Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “Spam Nation,” was arrested in Moscow this month and charged with fraud. Russian authorities allege Vrublevsky operated several fraudulent SMS-based payment schemes, and facilitated money laundering for Hydra, the largest… Continue reading [Krebs on Security] ‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Published
Categorized as Security

[Krebs on Security] Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Krebs on Security has posted a new item. Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase… Continue reading [Krebs on Security] Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Published
Categorized as Security

[Krebs on Security] Lawmakers Probe Early Release of Top RU Cybercrook

Krebs on Security has posted a new item. Aleksei Burkov, a cybercriminal who long operated two of Russia’s most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov’s extradition to the U.S. for four years — even arresting and jailing an Israeli woman to force a prisoner swap.… Continue reading [Krebs on Security] Lawmakers Probe Early Release of Top RU Cybercrook

Published
Categorized as Security

[Krebs on Security] Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security has posted a new item. As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. krebsonsecurity.com/2022/03/report-recent-10x-increase-in-cyberattacks-on-ukraine/ Please use the link… Continue reading [Krebs on Security] Report: Recent 10x Increase in Cyberattacks on Ukraine

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, March 2022 Edition

Krebs on Security has posted a new item. Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet… Continue reading [Krebs on Security] Microsoft Patch Tuesday, March 2022 Edition

Published
Categorized as Security

[Krebs on Security] Internet Backbone Giant Lumen Shuns .RU

Krebs on Security has posted a new item. Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider… Continue reading [Krebs on Security] Internet Backbone Giant Lumen Shuns .RU

Published
Categorized as Security

[Krebs on Security] Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security has posted a new item. Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical… Continue reading [Krebs on Security] Conti Ransomware Group Diaries, Part IV: Cryptocrime

Published
Categorized as Security

[Krebs on Security] Conti Ransomware Group Diaries, Part III: Weaponry

Krebs on Security has posted a new item. Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused… Continue reading [Krebs on Security] Conti Ransomware Group Diaries, Part III: Weaponry

Published
Categorized as Security

[Krebs on Security] Conti Ransomware Group Diaries, Part II: The Office

Krebs on Security has posted a new item. Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms… Continue reading [Krebs on Security] Conti Ransomware Group Diaries, Part II: The Office

Published
Categorized as Security

[Krebs on Security] Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security has posted a new item. A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer… Continue reading [Krebs on Security] Conti Ransomware Group Diaries, Part I: Evasion

Published
Categorized as Security

[Krebs on Security] Russia Sanctions May Spark Escalating Cyber Conflict

Krebs on Security has posted a new item. President Biden joined European leaders this week in enacting economic sanctions against Russia in response its military invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies, which could escalate… Continue reading [Krebs on Security] Russia Sanctions May Spark Escalating Cyber Conflict

Published
Categorized as Security

[Krebs on Security] IRS: Selfies Now Optional, Biometric Data to Be Deleted

Krebs on Security has posted a new item. The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that… Continue reading [Krebs on Security] IRS: Selfies Now Optional, Biometric Data to Be Deleted

[Krebs on Security] Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Krebs on Security has posted a new item. Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they will not pursue charges following revelations that… Continue reading [Krebs on Security] Report: Missouri Governor’s Office Responsible for Teacher Data Leak

[Krebs on Security] Red Cross Hack Linked to Iranian Influence Operation?

Krebs on Security has posted a new item. A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell… Continue reading [Krebs on Security] Red Cross Hack Linked to Iranian Influence Operation?

Published
Categorized as Security

[Krebs on Security] Wazawaka Goes Waka Waka

Krebs on Security has posted a new item. In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private… Continue reading [Krebs on Security] Wazawaka Goes Waka Waka

Published
Categorized as Security

[Krebs on Security] Russian Govt. Continues Carding Shop Crackdown

Krebs on Security has posted a new item. Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks — comes closely behind Russia’s arrest of… Continue reading [Krebs on Security] Russian Govt. Continues Carding Shop Crackdown

Published
Categorized as Security

[Krebs on Security] Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security has posted a new item. Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says… Continue reading [Krebs on Security] Microsoft Patch Tuesday, February 2022 Edition

Published
Categorized as Security

[Krebs on Security] IRS To Ditch Biometric Requirement for Online Access

Krebs on Security has posted a new item. The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find… Continue reading [Krebs on Security] IRS To Ditch Biometric Requirement for Online Access

Published
Categorized as Security

[Krebs on Security] How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security has posted a new item. If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link… Continue reading [Krebs on Security] How Phishers Are Slinking Their Links Into LinkedIn

Published
Categorized as Security

[Krebs on Security] Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

Krebs on Security has posted a new item. Several articles here have delved into the history of John Bernard, the pseudonym used by a fake billionaire technology investor who’s tricked dozens of start-ups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian startup hoping to build a fleet of environmentally… Continue reading [Krebs on Security] Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

Published
Categorized as Security

[Krebs on Security] Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security has posted a new item. In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who… Continue reading [Krebs on Security] Who Wrote the ALPHV/BlackCat Ransomware Strain?

Published
Categorized as Security

[Krebs on Security] Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security has posted a new item. What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience… Continue reading [Krebs on Security] Scary Fraud Ensues When ID Theft & Usury Collide

Published
Categorized as Security