Krebs on Security

AUGUST 19, 2024

According to the breach tracking service Constella Intelligence , the passwords included in the source code archive are identical to credentials exposed in previous data breaches that involved email accounts belonging to NPD’s founder, an actor and retired sheriff’s deputy from Florida named Salvatore “Sal” Verini.

Passwords 359

Passwords Data breaches Accountability Data privacy 359

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. ET: BeyondTrust has published a blog post about their findings. He said that on Oct 2., But she said that by Oct.

Social Engineering 329

Social Engineering Engineering Accountability Hacking 329

Schneier on Security

FEBRUARY 3, 2021

Details are in the Microsoft blog: We have published our in-depth analysis of the Solorigate backdoor malware (also referred to as SUNBURST by FireEye), the compromised DLL that was deployed on networks as part of SolarWinds products, that allowed attackers to gain backdoor access to affected devices.

Computers and Electronics 358

Computers and Electronics Malware Software Government 358

Krebs on Security

NOVEMBER 21, 2020

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. . 2019 that wasn’t discovered until April 2020.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Krebs on Security

MAY 14, 2021

The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. The outage also took down its payment server and those that supply its distributed denial-of-service feature, which is used to turn up the heat on victims who balk at paying.

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Troy Hunt

JUNE 3, 2020

Less than 3 weeks ago I wrote about The Unattributable "db8151dd" Data Breach which, after posting that blog post and a sample of my own data, the community quickly attributed to Covve. My hope is that this blog post helps myself and the 69 million other people in this one work out who collected and then exposed their personal information.

Data breaches 361

Data breaches B2B Marketing Accountability 361

Krebs on Security

DECEMBER 14, 2020

A blog post by Microsoft says the attackers were able to add malicious code to software updates provided by SolarWinds for Orion users. From there, the attackers would be able to forge single sign-on tokens that impersonate any of the organization’s existing users and accounts, including highly privileged accounts on the network.

Hacking 364

Hacking Antivirus Software Accountability 364

Krebs on Security

MARCH 16, 2021

Lucky225 showed how anyone could do the same after creating an account at a service called Sakari , a company that helps celebrities and businesses do SMS marketing and mass messaging. From there, the attacker can reset the password of any account which uses that phone number for password reset links.

Telecommunications 363

Telecommunications Mobile Accountability Wireless 363

IT Security Guru

JUNE 13, 2024

Our data shows that between 93-97% of OX Security users have activated two-factor authentication (2FA), which helps keep accounts, data, and secrets private. The post Guest Blog: Ox Security on learning from the Recent GitHub Extortion Campaigns first appeared on IT Security Guru.

Backups 129

Backups Authentication Data breaches Social Engineering 129

Schneier on Security

APRIL 9, 2024

The Board reaches this conclusion based on: the cascade of Microsoft’s avoidable errors that allowed this intrusion to succeed; Microsoft’s failure to detect the compromise of its cryptographic crown jewels on its own, relying instead on a customer to reach out to identify anomalies the customer had observed; the Board’s assessment of security practices (..)

Hacking 306

Hacking Government Accountability Technology 306

Krebs on Security

AUGUST 30, 2022

In a blog post earlier this month, Cloudflare said it detected the account takeovers and that no Cloudflare systems were compromised. 4 it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Mobile 329

Mobile Phishing Authentication Accountability 329

Krebs on Security

AUGUST 18, 2021

million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile,” the company wrote in a blog post. . “Our preliminary analysis is that approximately 7.8

Mobile 270

Mobile Identity Theft Accountability Cybercrime 270

Anton on Security

OCTOBER 12, 2022

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our fourth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blog for #2 , my unofficial blog for #3 ).

Cybersecurity 246

Cybersecurity Malware Accountability Passwords 246

Troy Hunt

OCTOBER 29, 2020

Almost a decade ago now, I wrote what would become one of my most career-defining blog posts: The Only Secure Password is the One You Can't Remember. I had come to the realisation that I simply had too many accounts across too many systems to ever have any chance of creating decent unique passwords I could remember.

Password Management 346

Password Management Passwords Software Accountability 346

Krebs on Security

JULY 26, 2021

But most of the coverage seems to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks — all in a frenzied effort to seize control over social media accounts. FEMALE TARGETS.

Media 349

Media Hacking Accountability Scams 349

Krebs on Security

AUGUST 16, 2021

” The intrusion came to light on Twitter when the account @und0xxed started tweeting the details. ” Other databases allegedly accessed by the intruders included one for prepaid accounts, which had far fewer details about customers. ” T-Mobile declined to comment beyond what the company said in its blog post today.

Mobile 348

Mobile Data breaches Accountability Wireless 348

Troy Hunt

OCTOBER 14, 2023

here's a blog post about how stupid class actions like this are! Protect your identity now.

Data breaches 281

Data breaches Advertising Marketing Account Security 281

Krebs on Security

FEBRUARY 28, 2024

The profile also linked to Mr. Lee’s Twitter/X account , which features the same profile image. Doug then messaged the Mr. Lee account on Telegram, who said there was some kind of technology issue with the video platform, and that their IT people suggested using a different meeting link. Image: SlowMist.

Malware 309

Malware Cryptocurrency Software Phishing 309

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Way back in 2016, security firm Fortinet blogged about LinkedIn’s redirect being used to promote phishing sites and online pharmacies. Image: Urlscan.io.

Phishing 347

Phishing Marketing Scams Accountability 347

Krebs on Security

JULY 29, 2020

Whoever compromised the shop siphoned data on millions of card accounts that were acquired over four years through various illicit means from legitimate, hacked businesses around the globe — but mostly from U.S. Although Visa cards made up more than half of accounts put up for sale (12.1 Source: NYU.

Accountability 351

Accountability Banking Retail Hacking 351

Krebs on Security

OCTOBER 30, 2024

“Affected insurance providers can contact us to prevent leaking of their own data and [remove it] from the sale,” RansomHub’s victim shaming blog announced on April 16. A few days after BlackCat imploded, the same stolen healthcare data was offered for sale by a competing ransomware affiliate group called RansomHub.

Healthcare 283

Healthcare Insurance Computers and Electronics Data breaches 283

Troy Hunt

JULY 21, 2020

This comes as no surprise to regular followers, nor should it come as a surprise that I maintain an Untappd account, logging my beer experiences as I (used to ??) Someone had registered a new Netflix account with my email / password associated with my BeerAdvocate account. I love beer. You'll never believe what happened next.

Passwords 316

Passwords Accountability Password Management Backups 316

Krebs on Security

SEPTEMBER 5, 2023

Importantly, none appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto heist, such as the compromise of one’s email and/or mobile phone accounts. “If you have my seed phrase, you can copy and paste that into your wallet, and then you can see all my accounts.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Krebs on Security

SEPTEMBER 2, 2021

Whether it’s related to hotel or airline rewards or just Amazon gift cards, after they successfully log in to the account their scripts start pilfering inboxes looking for things that could be of value.” . “These guys are looking for low-hanging fruit — basically cash in your inbox.

Accountability 326

Accountability Authentication Passwords Hacking 326

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 270

Scams Artificial Intelligence Cryptocurrency Accountability 270

Anton on Security

FEBRUARY 7, 2024

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 , #7 and #8 ).

Cybersecurity 246

Cybersecurity Ransomware Passwords Cryptocurrency 246

Krebs on Security

MARCH 23, 2022

In a blog post published Mar. Our investigation has found a single account had been compromised, granting limited access. “LAPSUS$ currently does not operate a clearnet or darknet leak site or traditional social media accounts—it operates solely via Telegram and email,” Flashpoint wrote in an analysis of the group.

Social Engineering 327

Social Engineering Accountability Mobile Passwords 327

Anton on Security

APRIL 13, 2023

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our sixth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 and #5 ). a useful reminder to, well, not do that!] “One

Cybersecurity 221

Cybersecurity Passwords Accountability Ransomware 221

Troy Hunt

JUNE 8, 2021

I was pretty excited when I saw PRs coming in right after launching that last blog post. a conference series I've had a very long, close affinity with: Want to protect your accounts like @EveOnline does? Code enhancements. Framework updates. New features. It was all there! So I asked him, and he said yes.

Passwords 354

Passwords Accountability 354

Troy Hunt

MAY 13, 2023

This is the story I mentioned about the bloke in Melbourne copping it from the public for craning his McLaren into his apartment (its' "guitar lessons" all over again!)

Data breaches 224

Data breaches Government Accountability 224

Krebs on Security

SEPTEMBER 29, 2021

The idea is that even if the user’s password gets stolen, the attacker still can’t access the user’s account without that second factor — i.e. without access to the victim’s mobile device or phone number. The OTP interception service featured earlier this year — Otp[.]agency

Passwords 352

Passwords Mobile Authentication Banking 352

Krebs on Security

SEPTEMBER 30, 2023

. “Snatch threat actors have been observed purchasing previously stolen data from other ransomware variants in an attempt to further exploit victims into paying a ransom to avoid having their data released on Snatch’s extortion blog,” the FBI/CISA alert reads. was also used to register an account at the online game stalker[.]so

Ransomware 257

Ransomware Accountability Cybercrime Backups 257

Krebs on Security

JUNE 27, 2023

On July 16, 2020 — the day after some of Twitter’s most recognizable and popular users had their accounts hacked and used to tweet out a bitcoin scam — KrebsOnSecurity observed that several social media accounts tied to O’Connor appeared to have inside knowledge of the intrusion. I haven’t done anything.”

Cryptocurrency 252

Cryptocurrency Accountability Mobile Hacking 252

Troy Hunt

JUNE 1, 2020

closed or ia idk | BLM (@pjnkmin) May 31, 2020 Just to be clear: there's not necessarily a direct link between whoever put the video above together and the data now doing the rounds and attribution is tricky once you get a bunch of different people under different accounts and pseudonyms all flying the "Anonymous" banner.

Hacking 364

Hacking Passwords Data breaches Accountability 364

Krebs on Security

JANUARY 18, 2021

Joker’s Stash , by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. Those “partner” customers will be given the opportunity to cash out their accounts. and European authorities seized a number of its servers.

Marketing 277

Marketing Cybercrime Accountability Cryptocurrency 277

Krebs on Security

APRIL 6, 2022

Microsoft blogged about its attack at the hands of LAPSUS$, and about the group targeting its customers. The smash-and-grab attacks by LAPSUS$ obscure some of the group’s less public activities, which according to Microsoft include targeting individual user accounts at cryptocurrency exchanges to drain crypto holdings.

Social Engineering 277

Social Engineering Phishing Engineering Accountability 277

Krebs on Security

JULY 30, 2020

Traditional payment cards encode cardholder account data in plain text on a magnetic stripe, which can be read and recorded by skimming devices or malicious software surreptitiously installed in payment terminals. Newer, chip-based cards employ a technology known as EMV that encrypts the account data stored in the chip.

Banking 362

Banking Malware Encryption Accountability 362