Krebs on Security

JANUARY 11, 2022

By all accounts, the most severe flaw addressed today is CVE-2022-21907, a critical, remote code execution flaw in the “ HTTP Protocol Stack.” ” Microsoft says the flaw affects Windows 10 and Windows 11 , as well as Server 2019 and Server 2022. “Test and deploy this patch quickly.”

Social Engineering 289

Social Engineering Backups Malware Engineering 289

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 334

Phishing Cryptocurrency Accountability Social Engineering 334

Krebs on Security

OCTOBER 7, 2022

consumers have their online bank accounts hijacked and plundered by hackers, U.S. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. The findings came in a report released by Sen. Elizabeth Warren (D-Mass.),

Banking 285

Banking Accountability Scams Passwords 285

Krebs on Security

JUNE 15, 2022

On top of the critical heap this month is CVE-2022-30190 , a vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. ” Kevin Beaumont , the researcher who gave Follina its name, penned a fairly damning account and timeline of Microsoft’s response to being alerted about the weakness.

Architecture 289

Architecture Internet Internet Software 289

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.”

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. The service in question — kopeechka[.]store ” “Are you working on large volumes and are costs constantly growing? The service in question — kopeechka[.]store

Accountability 253

Accountability Scams Cryptocurrency Advertising 253

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime 230

Cybercrime Ransomware Cryptocurrency Government 230

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware 259

Ransomware Cryptocurrency Marketing Government 259

Krebs on Security

DECEMBER 19, 2024

A search in the threat intelligence platform Intel 471 shows a user by the name Araneida promoted the scanner on two cybercrime forums since 2022, including Breached and Nulled. In 2022, Araneida told fellow Breached members they could be reached on Discord at the username “ Ornie#9811.” 2023 on the forum Cracked.

Hacking 230

Hacking Cybercrime Advertising Data breaches 230

Malwarebytes

NOVEMBER 14, 2024

Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. From calendar years 2020 to 2022, there was a 27% increase in victim reports to the Internet Crime Complaint Center (IC3) of BECs with a real estate nexus.

Accountability 142

Accountability Banking Internet Internet 142

The Last Watchdog

DECEMBER 16, 2021

In 2022 we expect to see more aggressive and complex ransomware efforts. If 2021 was the year that Zero Trust security reached mainstream IT — and it was — then 2022 will become the realization that it cannot be done without identity first. Central importance of identity.

CISO 262

CISO Ransomware Risk Authentication 262

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .”

Hacking 320

Hacking Accountability Ransomware Internet 320

Krebs on Security

FEBRUARY 4, 2025

According to the cyber intelligence firm Intel 471 , a user named Finndev registered on multiple cybercrime forums, including Raidforums [ seized by the FBI in 2022 ], Void[.]to The email address used for those accounts was f.grimpe@gmail.com. lol and nulled[.]it.

eCommerce 200

eCommerce Cybercrime Accountability Passwords 200

Krebs on Security

NOVEMBER 11, 2023

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address.

Accountability 335

Accountability Authentication Passwords Identity Theft 335

Krebs on Security

JUNE 15, 2024

. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. ” The cybercrime-focused Twitter/X account vx-underground said the U.K.

Hacking 331

Hacking Cybercrime Phishing Passwords 331

Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability 133

Accountability Hacking Malware Information Security 133

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint.

Password Management 84

Password Management Cryptocurrency Passwords Data breaches 84

Security Affairs

APRIL 9, 2025

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year. The cybersecurity incident involved unauthorized access to emails via a compromised admin account. Affected accounts were disabled. The breach was confirmed on Feb. OCC on Feb.

Accountability 122

Accountability Banking Information Security Hacking 122

Schneier on Security

JANUARY 24, 2022

XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021. This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated. Ten times more Mozi malware samples were observed in 2021 compared to 2020.

Malware 348

Malware Accountability 348

Krebs on Security

DECEMBER 11, 2024

wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work The site Verif dot work, which processes payments through Cryptomus, sells financial accounts, including debit and credit cards. work and kopeechka[.]store store ; -anonymity or “proxy” providers like crazyrdp[.]com

Cryptocurrency 280

Cryptocurrency Banking Cybercrime Advertising 280

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. This threat hunt identifies accounts at risk of this attack vector. Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Troy Hunt

AUGUST 30, 2023

Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing 361

Phishing Password Management Passwords Banking 361

Krebs on Security

OCTOBER 31, 2022

KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion. For example, the indictment includes a photo that investigators subpoenaed from Sokolovsky’s iCloud account that shows him posing with several stacks of bundled cash.

Malware 336

Malware Identity Theft Cybercrime Accountability 336

Krebs on Security

NOVEMBER 14, 2024

Izvestia reports that Peter Vrublevsky is currently living in Switzerland, where he reportedly fled in 2022 after being “arrested in absentia” in Russia on charges of running a violent group that could be hired via Telegram to conduct a range of physical attacks in real life, including firebombings and muggings.

Retail 253

Retail Advertising Cryptocurrency Cybercrime 253

Krebs on Security

MAY 29, 2024

” From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The prices page for 911 S5, circa July 2022. $28

VPN 344

VPN Government Cybercrime Internet 344

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking 198

Hacking Accountability Big data Telecommunications 198

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. “If you have my seed phrase, you can copy and paste that into your wallet, and then you can see all my accounts.

Cryptocurrency 360

Cryptocurrency Passwords Encryption Accountability 360

Troy Hunt

DECEMBER 30, 2021

Harsh, but fair and I shall keep this 3D-printed reminder handy and hope I don't end up needing to print a 2022 version! 2021 Dumpster fire? So many times throughout this week's video I came back to that theme.

Accountability 293

Accountability Malware 293

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. dollars using over-the-counter vendors who wired and deposited funds into bank accounts held by Liu.

VPN 274

VPN Banking Cybercrime Internet 274

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 335

Accountability Passwords Authentication Password Management 335

Security Affairs

JANUARY 25, 2025

Subaru Starlink flaw exposed vehicles and customer accounts in the US, Canada, and Japan to remote attacks. The experts explained that they exploited the flaw to gain unrestricted targeted access to all vehicles and customer accounts in the above countries. ” wrote Curry. ” added Curry. I sent the unlock command.

Hacking 125

Hacking Accountability Passwords Authentication 125

Troy Hunt

SEPTEMBER 15, 2022

wasn't (why is this still getting media attention?!)

Media 307

Media Accountability 307

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking 322

Hacking Social Engineering Phishing Scams 322

eSecurity Planet

FEBRUARY 10, 2025

Since early 2022, there has been a 49 percent rise in phishing attempts capable of evading filters, with AI-generated threats accounting for nearly 5 percent of these attacks. Compromising a single Gmail account can grant access to an extensive personal and corporate data treasure trove.

Phishing 113

Phishing Artificial Intelligence Password Management Accountability 113

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 355

Social Engineering Mobile Passwords Cybercrime 355

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. KrebsOnSecurity last month interviewed a victim who recently saw more than three million dollars worth of cryptocurrency siphoned from his account.

Passwords 317

Passwords Encryption Password Management Cryptocurrency 317

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 287

Scams Artificial Intelligence Cryptocurrency Accountability 287