Krebs on Security

JUNE 15, 2022

On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year. On top of the critical heap this month is CVE-2022-30190 , a vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. that earned a CVSS score of 9.8 (10

Architecture 289

Architecture Internet Internet Software 289

Krebs on Security

JANUARY 11, 2022

By all accounts, the most severe flaw addressed today is CVE-2022-21907, a critical, remote code execution flaw in the “ HTTP Protocol Stack.” ” Microsoft says the flaw affects Windows 10 and Windows 11 , as well as Server 2019 and Server 2022. “Test and deploy this patch quickly.” ” Quickly indeed.

Social Engineering 289

Social Engineering Backups Malware Engineering 289

Krebs on Security

MARCH 9, 2022

Those include remote code execution bugs CVE-2022-24512 , affecting.NET and Visual Studio , and CVE-2022-21990 , affecting Remote Desktop Client. CVE-2022-24459 is a vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated “ Important ” by Microsoft.

Authentication 46

Authentication Ransomware Cyber threats Software 46

Krebs on Security

DECEMBER 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The bug already seeing exploitation is CVE-2022-44698 , which allows attackers to bypass the Windows SmartScreen security feature.

Social Engineering 237

Social Engineering Ransomware Software Engineering 237

Krebs on Security

FEBRUARY 8, 2022

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. ” Kevin Breen at Immersive Labs called attention to CVE-2022-21996 , an elevation of privilege vulnerability in the core Windows component “ Win32k.”

Authentication 230

Authentication Internet Internet System Administration 230

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime 230

Cybercrime Ransomware Cryptocurrency Government 230

Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware 221

Spyware Cyber threats Security Defenses Cyber Attacks 221

Tech Republic Security

NOVEMBER 4, 2021

IoT tech will help reduce emissions, satellite internet will challenge 5G, the chip shortage will continue and more will happen in 2022 as pandemic recovery continues to move slowly forward.

IoT 215

IoT Internet Internet 215

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. ” Orn advertising Araneida Scanner in Feb.

Hacking 230

Hacking Cybercrime Advertising Data breaches 230

Krebs on Security

FEBRUARY 11, 2025

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

Artificial Intelligence 195

Artificial Intelligence Engineering Software Internet 195

Krebs on Security

NOVEMBER 14, 2024

Golubov later earned immunity from prosecution by becoming an elected politician and founding the Internet Party of Ukraine , which called for free internet for all, the creation of country-wide “hacker schools” and the “computerization of the entire economy.”

Retail 253

Retail Advertising Cryptocurrency Marketing 253

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

VPN 344

VPN Government Cybercrime Internet 344

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” The analysis of the configuration files revealed that all the FortiOS versions in the data set were older than version 7.2.2,

VPN 131

VPN Passwords Firewall Firmware 131

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .”

Hacking 314

Hacking Accountability Ransomware Internet 314

Malwarebytes

JANUARY 22, 2025

The MotW is an attribute added to files by Windows when they have been sourced from an untrusted location, like the internet or a restricted zone. 7-Zip added support for MotW in June 2022. Always be careful when opening archived files that you downloaded from the internet.

Internet 141

Internet Internet Malware Risk 141

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 The figure marks a 22% surge in reported losses compared to 2022.

Cybercrime 140

Cybercrime Internet Internet Scams 140

Krebs on Security

MARCH 31, 2023

Authorities in Germany this week seized Internet servers that powered FlyHosting , a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. The German authorities did not name the suspects or the Internet service in question. In mid-December 2022, the U.S.

DDOS 303

DDOS Internet Internet Cybercrime 303

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. Image: SentinelOne.com.

DDOS 321

DDOS Internet Internet Government 321

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. At the time, Spur found Cloud Router had more than 140,000 Internet addresses for rent.

VPN 274

VPN Banking Cybercrime Internet 274

Krebs on Security

MARCH 27, 2025

When Cloudflare responded by blocking the sites with a phishing warning, the real Internet address of these sites was exposed as belonging to a known “bulletproof hosting” network called Stark Industries Solutions Ltd.

Phishing 210

Phishing Government Engineering Internet 210

Google Security

FEBRUARY 22, 2023

Working with security researchers throughout 2022, we have been able to identify and fix over 2,900 security issues and continue to make our products more secure for our users around the world. In 2022 we awarded over $12 million in bounty rewards – with researchers donating over $230,000 to a charity of their choice. Thank you, Rory!

Manufacturing 144

Manufacturing Internet Internet Hacking 144

Krebs on Security

SEPTEMBER 16, 2021

man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. Gatrel’s sentencing is scheduled for January 27, 2022. A jury in California today reached a guilty verdict in the trial of Matthew Gatrel , a St.

DDOS 347

DDOS DNS Internet Internet 347

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 108

Telecommunications DNS Passwords Hacking 108

Krebs on Security

APRIL 8, 2025

This CLFS component of Windows is no stranger to Patch Tuesday: According to Tenable’s Satnam Narang , since 2022 Microsoft has patched 32 CLFS vulnerabilities — averaging 10 per year — with six of them exploited in the wild. The last CLFS zero-day was patched in December 2024.

Software 168

Software Media Internet Internet 168

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. ” The Remote Access Trojan (RAT) has been active since July 2022. . ” The Remote Access Trojan (RAT) has been active since July 2022. ” reads the PIN report.

Architecture 109

Architecture Internet Internet Malware 109

Krebs on Security

OCTOBER 23, 2023

4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence.

Internet 313

Internet Internet 313

Krebs on Security

MARCH 17, 2023

The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022. In April 2022, U.S. Image: News 12 Westchester.

Data breaches 351

Data breaches Cybercrime Insurance Internet 351

Adam Shostack

JANUARY 2, 2025

Interesting articles from around the internet, March edition I've been meaning to blog about a few things, and not quite had time. Events in Ukraine are tremendously depressing, and I don't have much useful to say.

Marketing 130

Marketing Internet Internet 130

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. A review of the Internet addresses historically used by Super-socks[.]biz Image: Spur.us.

Malware 312

Malware Cybercrime Internet Internet 312

Security Affairs

DECEMBER 3, 2024

In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware 119

Spyware Government Surveillance Hacking 119

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2022-40684: Admin Control over VPN Infrastructure What is CVE-2022-40684? Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Malwarebytes

NOVEMBER 14, 2024

From calendar years 2020 to 2022, there was a 27% increase in victim reports to the Internet Crime Complaint Center (IC3) of BECs with a real estate nexus. To cover their tracks, the gang would buy Bitcoin with the stolen funds and divide it over three different addresses.

Accountability 142

Accountability Banking Internet Internet 142

Schneier on Security

APRIL 11, 2024

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. There are libraries for everything: displaying objects in 3D, spell-checking, performing complex mathematics, managing an e-commerce shopping cart, moving files around the internet—everything.

Software 360

Software Engineering Internet Internet 360

Schneier on Security

APRIL 7, 2022

The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet. government has previously attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU).

Manufacturing 274

Manufacturing Firewall Malware Internet 274

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. In December 2022, Sophos released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. reads the advisory.

Firmware 132

Firmware Firewall Internet Internet 132

Security Boulevard

MARCH 16, 2023

The post Scams Lost US $10 BILLION in 2022 — Crypto Fraud Grows Fast appeared first on Security Boulevard. Ben is disappointed: FBI reports huge rise in cryptocurrency investment scams. Why am I not surprised?

Scams 140

Scams Cryptocurrency Social Engineering Internet 140