Tag: Krebs on Security

Russia to Rent Tech-Savvy Prisoners to Corporate IT?

This article has been indexed from Krebs on Security Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified…

Fighting Fake EDRs With ‘Credit Ratings’ for Police

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security…

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last…

The Original APT: Advanced Persistent Teenagers

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware…

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one…

A Closer Look at the LAPSUS$ Data Extortion Group

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the…

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “Spam Nation,” was arrested in Moscow this month and charged with fraud. Russian authorities…

Lawmakers Probe Early Release of Top RU Cybercrook

Aleksei Burkov, a cybercriminal who long operated two of Russia’s most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov’s extradition to the U.S.…

Report: Recent 10x Increase in Cyberattacks on Ukraine

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten…

Microsoft Patch Tuesday, March 2022 Edition

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day…

Internet Backbone Giant Lumen Shuns .RU

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for…

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages…

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like…

Conti Ransomware Group Diaries, Part II: The Office

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s…

Conti Ransomware Group Diaries, Part I: Evasion

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying…

Russia Sanctions May Spark Escalating Cyber Conflict

President Biden joined European leaders this week in enacting economic sanctions against Russia in response to its military invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn…

Red Cross Hack Linked to Iranian Influence Operation?

A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group.…

Wazawaka Goes Waka Waka

In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to…

Russian Govt. Continues Carding Shop Crackdown

Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown — the second closure of major card…

Microsoft Patch Tuesday, February 2022 Edition

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or…

IRS To Ditch Biometric Requirement for Online Access

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes…

How Phishers Are Slinking Their Links Into LinkedIn

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage…

Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming…

Scary Fraud Ensues When ID Theft & Usury Collide

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning…

Crime Shop Sells Hacked Logins to Other Crime Shops

Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling…

IRS Will Soon Require Selfies for Online Access

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says…

Who is the Network Access Broker ‘Wazawaka?’

In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected…

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring…

500M Avira Antivirus Users Introduced to Cryptomining

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t…

Norton 360 Now Comes With a Cryptominer

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that…

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have…

NY Man Pleads Guilty in $20 Million SIM Swap Theft

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud.…

Microsoft Patch Tuesday, December 2021 Edition

Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But…

Inside Ireland’s Public Healthcare Ransomware Scare

The accounting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two…

Canada Charges Its “Most Prolific Cybercriminal”

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian…

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access…

Arrest in ‘Ransom Your Employer’ Email Scheme

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer’s network, in exchange for a percentage of any ransom amount paid by the…

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to…

SMS About Bank Fraud as a Pretext for Voice Phishing

Most of us have probably heard the term “smishing” — which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a…

Microsoft Patch Tuesday, November 2021 Edition

Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used…

REvil Ransom Arrest, $6M Seizure, and $10M Reward

The U.S. Department of Justice said today it arrested a Ukrainian man who deployed ransomware on behalf of the REvil ransomware gang, a Russian cybercriminal collective that has extorted hundreds of…

‘Tis the Season for the Wayward Package Phish

The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a time-honored lure about a wayward package that needs redelivery.…

The ‘Groove’ Ransomware Gang Was a Hoax

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It…

‘Trojan Source’ Bug Threatens the Security of All Code

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any…

FBI Raids Chinese Point-of-Sale Giant PAX Technology

U.S. federal investigators today raided the U.S. offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is…

Conti Ransom Gang Starts Selling Access to Victims

The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti’s malware who refuse to negotiate a ransom payment are added to Conti’s victim shaming…

How Coinbase Phishers Steal One-Time Passwords

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to…

Patch Tuesday, October 2021 Edition

Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited in active attacks. This…

What Happened to Facebook, Instagram, & WhatsApp?

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: Earlier this morning, something inside…

FCC Proposal Targets SIM Swapping, Port-Out Fraud

The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves…

The Rise of One-Time Password Interception Bots

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. That…

Indictment, Lawsuits Revive Trump-Alfa Bank Story

In October 2016, media outlets reported that data collected by some of the world’s most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the…

Does Your Organization Have a Security.txt File?

It happens all the time: Organizations get hacked because there isn’t an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn’t…

Customer Care Giant TTEC Hit By Ransomware

TTEC, [NASDAQ: TTEC], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a…

Customer Care Giant TTEC Hit By Ransomware?

TTEC, [NASDAQ: TTEC], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a…

Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued…

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new “Internet of Things” (IoT) botnet…

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document…

“FudCo” Spam Empire Tied to Pakistani Software Firm

In May 2015, KrebsOnSecurity briefly profiled “The Manipulaters,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services…

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from…

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems.…

Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men…

Wanted: Disgruntled Employees to Deploy Ransomware

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them…

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers.…

T-Mobile Investigating Claims of Massive Data Breach

Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases…

New Anti Anti-Money Laundering Services for Crooks

Two new dark web services are marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. Dubbed “Antinalysis” and…

Microsoft Patch Tuesday, August 2021 Edition

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. The software giant warned that attackers already are pouncing on one…

Ransomware Gangs and the Name Game Distraction

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that…

The Life Cycle of a Breached Database

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim…

PlugwalkJoe Does the Perp Walk

One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. When the Justice Department last week…

Spam Kingpin Peter Levashov Gets Time Served

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of…

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only…

Microsoft Patch Tuesday, July 2021 Edition

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. A half dozen of the vulnerabilities addressed today are under active…

Spike in “Chain Gang” Destructive Attacks on ATMs

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated…

Microsoft Issues Emergency Patch for Windows Flaw

Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited.…

Another 0-Day Looms for Many Western Digital Users

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015,…