Krebs on Security

JANUARY 11, 2022

By all accounts, the most severe flaw addressed today is CVE-2022-21907, a critical, remote code execution flaw in the “ HTTP Protocol Stack.” ” Microsoft says the flaw affects Windows 10 and Windows 11 , as well as Server 2019 and Server 2022. “Test and deploy this patch quickly.”

Social Engineering 281

Social Engineering Backups Malware Engineering 281

Krebs on Security

JULY 12, 2022

The company said it would roll out the changes in stages between April and June 2022. The zero-day Windows vulnerability already seeing active attacks is CVE-2022-22047 , which is an elevation of privilege vulnerability in all supported versions of Windows.

Internet 254

Internet Internet Cyber threats Software 254

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile 346

Mobile Phishing Authentication Advertising 346

Krebs on Security

JUNE 15, 2022

On top of the critical heap this month is CVE-2022-30190 , a vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. ” Kevin Beaumont , the researcher who gave Follina its name, penned a fairly damning account and timeline of Microsoft’s response to being alerted about the weakness.

Architecture 275

Architecture Internet Internet Software 275

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. The service in question — kopeechka[.]store ” “Are you working on large volumes and are costs constantly growing? The service in question — kopeechka[.]store

Accountability 232

Accountability Scams Cryptocurrency Advertising 232

The Last Watchdog

DECEMBER 16, 2021

In 2022 we expect to see more aggressive and complex ransomware efforts. If 2021 was the year that Zero Trust security reached mainstream IT — and it was — then 2022 will become the realization that it cannot be done without identity first. Central importance of identity.

CISO 262

CISO Ransomware Risk Authentication 262

Krebs on Security

NOVEMBER 11, 2023

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address.

Accountability 333

Accountability Authentication Passwords Identity Theft 333

Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability 139

Accountability Hacking Malware Information Security 139

Krebs on Security

JUNE 15, 2024

. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. ” The cybercrime-focused Twitter/X account vx-underground said the U.K.

Hacking 311

Hacking Phishing Cybercrime Passwords 311

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .”

Hacking 285

Hacking Accountability Ransomware Internet 285

Krebs on Security

OCTOBER 31, 2022

KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion. For example, the indictment includes a photo that investigators subpoenaed from Sokolovsky’s iCloud account that shows him posing with several stacks of bundled cash.

Malware 329

Malware Identity Theft Cybercrime Accountability 329

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 347

Accountability Passwords Authentication Password Management 347

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking 198

Hacking Accountability Big data Telecommunications 198

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. “If you have my seed phrase, you can copy and paste that into your wallet, and then you can see all my accounts.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Schneier on Security

JANUARY 24, 2022

XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated. Ten times more Mozi malware samples were observed in 2021 compared to 2020.

Malware 315

Malware Accountability 315

Troy Hunt

AUGUST 30, 2023

Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing 335

Phishing Password Management Passwords Banking 335

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Krebs on Security

MAY 29, 2024

” From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The prices page for 911 S5, circa July 2022. $28

VPN 317

VPN Government Cybercrime Internet 317

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. dollars using over-the-counter vendors who wired and deposited funds into bank accounts held by Liu.

VPN 259

VPN Banking Cybercrime Internet 259

Krebs on Security

MARCH 26, 2024

Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code. ” Ken said.

Passwords 362

Passwords Accountability Engineering Phishing 362

Krebs on Security

JANUARY 9, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. 27, 2022, Experian’s PR team acknowledged receipt of my Dec. It’s also worth mentioning that reports of hijacked Experian.com accounts persisted into late 2022.

Identity Theft 358

Identity Theft Accountability Authentication Web Fraud 358

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking 309

Hacking Social Engineering Phishing Scams 309

Joseph Steinberg

JANUARY 2, 2023

2022 was a particularly difficult year for me; in addition to enduring two significant and long cases of COVID-19, I faced various family-related challenges, which, together, lessened the time that I could spend on writing, and forced me to refrain from publishing my previously-weekly newsletter.

Artificial Intelligence 312

Artificial Intelligence Accountability Cybersecurity 312

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. KrebsOnSecurity last month interviewed a victim who recently saw more than three million dollars worth of cryptocurrency siphoned from his account.

Passwords 304

Passwords Encryption Password Management Cryptocurrency 304

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 270

Scams Artificial Intelligence Cryptocurrency Accountability 270

Schneier on Security

APRIL 9, 2024

The board was established in early 2022, modeled in spirit after the National Transportation Safety Board. The report includes a bunch of recommendations. It’s worth reading in its entirety. This is their third report. Here are a few news articles.

Hacking 306

Hacking Government Accountability Technology 306

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. He said that on Oct 2., But she said that by Oct.

Social Engineering 329

Social Engineering Engineering Accountability Hacking 329

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. Image: Cloudflare.com.

Mobile 329

Mobile Phishing Authentication Accountability 329

Troy Hunt

DECEMBER 30, 2021

Harsh, but fair and I shall keep this 3D-printed reminder handy and hope I don't end up needing to print a 2022 version! 2021 Dumpster fire? So many times throughout this week's video I came back to that theme.

Accountability 249

Accountability Malware 249

Krebs on Security

SEPTEMBER 30, 2024

The government says that in March 2022, three men showed up at E.Z.’s The FBI later obtained a copy of a search warrant executed by LASD deputies in January 2022 for GPS location information on a phone belonging to E.Z., One of many self portraits published on the Instagram account of Enzo Zelocchi. We know what E.Z.

Cryptocurrency 290

Cryptocurrency Government Internet Internet 290

Krebs on Security

AUGUST 2, 2022

account for a slew of other “iboss” themed email addresses, one of which is tied to a LinkedIn profile for an Oleg Iskhusnyh , who describes himself as a senior web developer living in Nur-Sultan, Kazakhstan. The various “iboss” email accounts appear to have been shared by multiple parties. is no longer active.

Malware 298

Malware Cybercrime Internet Internet 298

Troy Hunt

SEPTEMBER 15, 2022

wasn't (why is this still getting media attention?!)

Media 261

Media Accountability 261

Krebs on Security

JULY 12, 2024

Securities and Exchange Commission today, AT&T said cyber intruders accessed an AT&T workspace on a third-party cloud platform in April, downloading files containing customer call and text interactions between May 1 and October 31, 2022, as well as on January 2, 2023. million current AT&T account holders and roughly 65.4

Data breaches 336

Data breaches Passwords Authentication Accountability 336

Krebs on Security

DECEMBER 19, 2022

conspired to hack into Yahoo email accounts belonging to victims in the United States. From there, the two allegedly would check how many of those Yahoo accounts were associated with Ring accounts, and then target people who used the same password for both accounts. . “ChumLul,” 22, of Racine, Wisc.,

Hacking 328

Hacking Media Passwords Accountability 328

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The account didn’t resume posting on the forum until April 2014. Reached via LinkedIn, Mr. Shotliff said he sold his BHProxies account to another Black Hat World forum user from Egypt back in 2014.

Accountability 269

Accountability Advertising Marketing Malware 269

Krebs on Security

JANUARY 25, 2024

And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. “We’ve reviewed the ads in question, removed those that violated our policies, and suspended the associated accounts. billion ads in 2022, and restricted more than 4.3 million advertiser accounts.

Software 301

Software Advertising Malware Accountability 301

Troy Hunt

APRIL 14, 2022

— pḧÿzömë (@phyzome) April 4, 2022 On a hunch that this wasn't going to be an easy process, I started recording and kicked off my usual disclosure process. No passwords, so I'm guessing they're hashed. Here's the whole thing: The Avvo data breach is now searchable in HIBP.

Data breaches 315

Data breaches Scams Passwords Accountability 315