Sat.Nov 11, 2023

article thumbnail

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account.

article thumbnail

Weekly Update 373

Troy Hunt

Most of this week's video went on the scraped (and faked) LinkedIn data, but it's the ransomware discussion that keeps coming back to mind. Even just this morning, 2 days after recording this live stream, I ended up on nation TV talking about the DP World security incident and whilst we don't have any confirmation yet, it has all the hallmarks of another ransomware case.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform

Security Affairs

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. A joint international operation conducted by the Malaysian police, the FBI, and the Australian Federal Police took down several domains employed in the cybercriminal operation. “We seized around RM960,000 put inside an e-wallet, apart from other

Phishing 144
article thumbnail

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

The Hacker News

A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent actor's tactics.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 million people After ChatGPT, Anonymous Sudan took d

DDOS 131
article thumbnail

Police takes down BulletProftLink large-scale phishing provider

Bleeping Computer

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. [.

More Trending

article thumbnail

Microsoft fixes Outlook Desktop bug causing slow saving issues

Bleeping Computer

Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop. [.

75
article thumbnail

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Hackology

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data. With its unique code composition, attributing Kamran to a specific APT group is challenging.

Spyware 45