Krebs on Security

FEBRUARY 4, 2021

Facebook, Instagram , TikTok , and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. THE MIDDLEMEN.

Accountability 337

Accountability Hacking Media Mobile 337

Schneier on Security

FEBRUARY 7, 2020

Ten years ago, I wrote an essay : "Security in 2020." Well, it's finally 2020. That's IT in 2020 -- it's not under your control, it's doing things without your knowledge and consent, and it's not necessarily acting in your best interests. I think I did pretty well. Security can only be defined in relation to something else.

Advertising 275

Advertising Internet Internet Artificial Intelligence 275

Krebs on Security

DECEMBER 2, 2021

NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. 24, he reportedly maintained his innocence and told agents someone else must have used his Paypal account to purchase the Surfshark VPN subscription. In January 2021, technology vendor Ubiquiti Inc.

VPN 257

VPN Internet Internet Accountability 257

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. The service in question — kopeechka[.]store ” “Are you working on large volumes and are costs constantly growing? The service in question — kopeechka[.]store

Accountability 232

Accountability Scams Cryptocurrency Advertising 232

Krebs on Security

APRIL 6, 2021

Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. billion active monthly users. According to a Jan. Image: @UnderTheBreach.

Mobile 360

Mobile Accountability Passwords Authentication 360

Schneier on Security

JANUARY 24, 2022

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. Lots of details in the report.

Malware 315

Malware Accountability 315

Schneier on Security

JANUARY 6, 2021

This is bad : More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. […]. aN_fXp” password.

Firewall 317

Firewall VPN Passwords Accountability 317

Krebs on Security

DECEMBER 14, 2020

released between March 2020 and June 2020.” From there, the attackers would be able to forge single sign-on tokens that impersonate any of the organization’s existing users and accounts, including highly privileged accounts on the network. accounting firms. HF 5 through 2020.2.1, Fortune 500.

Hacking 364

Hacking Antivirus Software Accountability 364

Krebs on Security

MAY 5, 2021

Also, the apps will persist in a user’s Office 365 account indefinitely until removed, and will survive even after an account password reset. “Now, they’re compromising accounts in credible tenants first,” Proofpoint explains. A cybercriminal service advertising the sale of access to hacked Office365 accounts.

Accountability 354

Accountability Advertising Passwords Phishing 354

Troy Hunt

JUNE 1, 2020

closed or ia idk | BLM (@pjnkmin) May 31, 2020 Just to be clear: there's not necessarily a direct link between whoever put the video above together and the data now doing the rounds and attribution is tricky once you get a bunch of different people under different accounts and pseudonyms all flying the "Anonymous" banner.

Hacking 364

Hacking Passwords Data breaches Accountability 364

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 309

Hacking Social Engineering Phishing Scams 309

Krebs on Security

JULY 14, 2020

Top of the heap this month in terms of outright scariness is CVE-2020-1350 , which concerns a remotely exploitable bug in more or less all versions of Windows Server that attackers could use to install malicious software simply by sending a specially crafted DNS request. .”

DNS 300

DNS Backups Software System Administration 300

The Hacker News

MAY 10, 2023

national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Department of

Hacking 131

Hacking Accountability 131

Krebs on Security

NOVEMBER 10, 2021

KrebsOnSecurity recently heard from a reader who said his daughter received an SMS that said it was from her bank, and inquired whether she’d authorized a $5,000 payment from her account. Since this seemed like a reasonable and simple request — and she indeed had an account at the bank in question — she responded, “NO.”

Banking 362

Banking Phishing Scams Accountability 362

Krebs on Security

SEPTEMBER 16, 2020

Prosecutors say the men then laundered the stolen funds through an array of intermediary cryptocurrency accounts — including compromised and fictitiously created accounts — on the targeted cryptocurrency exchange platforms. million from 158 Poloniex users, and $1.17 million from 42 Gemini customers.

Cryptocurrency 356

Cryptocurrency Phishing Accountability Cybercrime 356

Malwarebytes

NOVEMBER 7, 2023

After 1Password, BeyondTrust, and Cloudflare detected unauthorized log-in attempts to their in-house Okta administrator accounts, they reported the incidents to Okta who started an investigation. To gain access to that service account, the attacker compromised an Okta employee. Take your time.

Accountability 141

Accountability Passwords Data breaches Phishing 141

SecureList

OCTOBER 6, 2022

PoS terminals are attacked just as often: few people give a thought to the fact that these machines need protection, as they hold the key to the bank accounts of hundreds of customers. We observed the threat landscape of ATM/PoS malware attacks and how it changed in 2020-2022. Methodology. Key findings.

Malware 143

Malware Banking Software Cybercrime 143

Troy Hunt

OCTOBER 2, 2020

And then there's Scott's Grindr account. 22% of breaches begin with phishing (DBIR 2020). This week there's a lot of connected things: connected shoes, connected garage camera and connected GoPro. This week there's all the above and, on a more personal note, my relationship with Charlotte. Sponsored by: Tines.

Firmware 320

Firmware Phishing Accountability 320

Krebs on Security

MARCH 17, 2021

In November 2020, KrebsOnSecurity heard from security researcher Abraham Vegh , who noticed something odd while inspecting an email from his financial institution. The messages from Netspend all were to confirm the email address tied to a new account, and concerned “me-to-me transfers” set up through its service.

Banking 338

Banking Accountability Software Mobile 338

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. 10, 2020, Citrix disclosed additional details about the incident. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

VPN 360

VPN Passwords Software Telecommunications 360

Krebs on Security

JUNE 27, 2023

Joseph James “PlugwalkJoe” O’Connor , a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter , has been sentenced to five years in a U.S. 02, 2020, pitching O’Connor as a cryptocurrency expert and advisor.

Cryptocurrency 252

Cryptocurrency Accountability Mobile Hacking 252

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. .

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Krebs on Security

JULY 26, 2021

02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. All of those come into play in the case of the Snapchat account of actor Bella Thorne , who was allegedly targeted by PlugwalkJoe and associates in June 2019. In this case, the SIM swap was done to wrest control over Thorne’s Snapchat account.

Media 349

Media Hacking Accountability Scams 349

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 347

Accountability Passwords Authentication Password Management 347

Krebs on Security

JANUARY 19, 2021

The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020. ” [Side note: It may be little more than a coincidence, but my PayPal account was hacked in Dec. military members and government employees.

Identity Theft 343

Identity Theft Government Social Engineering Accountability 343

Schneier on Security

APRIL 21, 2023

This a good example of a security feature that can sometimes harm security: Apple introduced the optional recovery key in 2020 to protect users from online hackers. Apple’s policy gives users virtually no way back into their accounts without that recovery key. For now, a stolen iPhone could mean devastating personal losses.

Passwords 283

Passwords Accountability Banking 283

Krebs on Security

SEPTEMBER 2, 2024

Scammers who had already stolen someone’s bank account credentials could enter the target’s phone number and name, and the service would initiate an automated phone call to the target that warned them about unauthorized activity on their account. The NCA said it began investigating the service in June 2020.

Accountability 267

Accountability Banking Passwords Scams 267

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. ” reads trhe announcement published by DKWOC. “Activities using CVE-2023-23397 were first discovered by CERT-UA[2] and publicly described by Microsoft[3].

Accountability 136

Accountability Government Phishing Passwords 136

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. The username associated with that account was “ bo3dom.” com back in 2011, and sanjulianhotels[.]com com (2017).

Ransomware 324

Ransomware Passwords Accountability Cybercrime 324

Troy Hunt

OCTOBER 29, 2020

I had come to the realisation that I simply had too many accounts across too many systems to ever have any chance of creating decent unique passwords I could remember. Almost a decade ago now, I wrote what would become one of my most career-defining blog posts: The Only Secure Password is the One You Can't Remember.

Password Management 346

Password Management Passwords Software Accountability 346

Adam Levin

DECEMBER 16, 2020

If 2020 taught us anything, it’s to expect the unexpected–and do the best we can in a rapidly changing world. Don’t re-use passwords: Yes, keeping track of passwords for all of your accounts can be a chore, but using the same password means that one breached account can be used to others that use the same user credentials.

VPN 245

VPN Antivirus Passwords Backups 245

Krebs on Security

APRIL 26, 2021

who put a freeze on his credit files last year at Experian, Equifax and TransUnion after thieves tried to open multiple new payment accounts in his name using an address in Washington state that was tied to a vacant home for sale. Dune Thomas is a software engineer from Sacramento, Calif. and $24.99 and $24.99

Authentication 350

Authentication Accountability Identity Theft Account Security 350

Krebs on Security

JANUARY 29, 2021

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. The scammers typically use stolen identity data to claim benefits, and then have the funds credited to an online account that they control.

Insurance 340

Insurance Identity Theft Accountability Mobile 340

The Last Watchdog

JULY 7, 2021

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019. Usually the path looks like this: •Someone compromises the account (ATO).

Accountability 257

Accountability Mobile Passwords Authentication 257

Krebs on Security

FEBRUARY 1, 2021

“smishing”) service for the mass sending of text messages designed to phish account credentials for different popular websites and steal personal and financial data for resale. One of SMS Bandits’ key offerings: An “auto-shop” web panel for selling stolen account credentials. Image: osint.fans.

Phishing 348

Phishing Telecommunications Advertising Mobile 348

Krebs on Security

DECEMBER 18, 2020

7, 2020, the NSA said “Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication.” National Security Agency (NSA) warned on Dec.

Software 362

Software Authentication Hacking Government 362

Krebs on Security

APRIL 28, 2020

But you probably didn’t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.

Scams 363

Scams Banking Accountability Financial Services 363