Krebs on Security

DECEMBER 3, 2024

Interisle sources data about cybercrime domains from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG). But this past year, Interisle found the U.S.

Cybercrime 286

Cybercrime Phishing Accountability Internet 286

Malwarebytes

APRIL 3, 2025

Up to one in five of the most popular mobile VPNs for iOS last year are owned by Chinese companies that do their best to hide the fact. Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world. The company developed several mobile apps for Innovative Connecting Pte.

VPN 131

VPN Mobile Government Technology 131

Security Affairs

NOVEMBER 25, 2024

. “This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” The equipment sent nearly 1 million fraudulent messages in 3 days. around busy areas of Sukhumvit Road” continues Khaosod.

Mobile 123

Mobile Scams Technology Telecommunications 123

The Last Watchdog

APRIL 7, 2020

Zoosk’s core service is delivered via a mobile app that has 20 different registration and/or login pages – all are API driven. Here’s how Keil breaks down what happened: Keil “The attackers deconstructed the mobile app and found all of these login and mobile app registration APIs, and so they started using them for attack purposes.

Mobile 266

Mobile Digital transformation Scams Accountability 266

The Last Watchdog

MAY 18, 2023

Your go-to mobile apps aren’t nearly has hackproof as you might like to believe. Related: Fallout of T-Mobile hack Hackers of modest skill routinely bypass legacy security measures, even two-factor authentication, with techniques such as overlay attacks. And hard data shows instances of such breaches on the rise.

Mobile 202

Mobile Authentication Internet Internet 202

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. According to the attackers, this was a configuration issue on an access point T-Mobile used for testing. T-Mobile left a gate left wide open for attackers – and attackers just had to find the gate.”.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Krebs on Security

APRIL 29, 2024

Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including AT&T , Sprint , T-Mobile and Verizon — for illegally sharing access to customers’ location information without consent.

Wireless 327

Wireless Mobile Technology 327

Schneier on Security

DECEMBER 18, 2020

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents from eight school districts, seven of which are in Texas, showing that administrators paid as much $11,582 for the controversial surveillance technology.

Surveillance 363

Surveillance Mobile Accountability Technology 363

Krebs on Security

FEBRUARY 28, 2020

The FCC proposed fining T-Mobile $91 million; AT&T faces more than $57 million in fines; Verizon is looking at more than $48 million in penalties; and the FCC said Sprint should pay more than $12 million. In response, the carriers promised to “wind down” location data sharing agreements with third-party companies.

Wireless 340

Wireless Mobile Technology 340

Malwarebytes

APRIL 3, 2025

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. T-Mobile sells a small GPS tracker called SyncUP , which can be used to track, among others, the locations of young children who dont have cell phones yet.

Mobile 90

Mobile Media Surveillance Technology 90

Schneier on Security

DECEMBER 31, 2021

This development suprises no one who has been paying attention: Researchers now believe AirTags, which are equipped with Bluetooth technology, could be revealing a more widespread problem of tech-enabled tracking. They emit a digital signal that can be detected by devices running Apple’s mobile operating system.

Technology 354

Technology Mobile Surveillance 354

The Last Watchdog

AUGUST 1, 2024

Two-plus decades of enduring wave after wave of mobile app malware and fraud has finally taken its toll on users. I recently visited with Appdome CEO Tom Tovar to discuss clear signals that consumers are now insisting upon mobile apps that are private and secure, as well as convenient. . I’ll keep watch and keep reporting.

Mobile 147

Mobile Internet Internet Technology 147

Security Affairs

OCTOBER 21, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others.

Cybercrime 130

Cybercrime Data breaches Technology Banking 130

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 254

Identity Theft Phishing Cryptocurrency Accountability 254

Krebs on Security

AUGUST 3, 2020

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

Mobile 358

Mobile Marketing Consumer Protection Wireless 358

The Last Watchdog

JANUARY 15, 2025

15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions. He played a key role in building Inmite, a mobile app development firm acquired by Avast in 2014. Prague, Czech Republic, Jan. Dvorak is no stranger to innovation.

Banking 130

Banking Authentication Technology Marketing 130

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). ” concludes the report published by ESET.

Phishing 131

Phishing Mobile Banking Social Engineering 131

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. “” The telecommunications firm has filed a criminal complaint and informed France’s agencies National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI). Free S.A.S.

Cyber Attacks 124

Cyber Attacks Telecommunications Data breaches Banking 124

Malwarebytes

OCTOBER 18, 2024

It is important to note that this vulnerability would only impact Mobile Device Management (MDM) managed devices. By exploiting this vulnerability an attacker could bypass the macOS Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. Microsoft has dubbed the flaw “HM Surf.”

Adware 143

Adware Spyware Mobile Technology 143

Krebs on Security

AUGUST 30, 2022

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. TechCrunch reported last week that the incident was linked to the same phishing campaign that targeted Twilio. In an Aug.

Mobile 341

Mobile Phishing Authentication Accountability 341

Krebs on Security

DECEMBER 16, 2021

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the provider’s network. Nicholas Truglia, holding bottle.

Cryptocurrency 363

Cryptocurrency Mobile Accountability Scams 363

Security Affairs

DECEMBER 16, 2024

The spyware’s deployment relied on Cellebrite’s unlocking process, combining two invasive technologies to compromise the journalists digital privacy comprehensively. NoviSpy can extract sensitive data from compromised Android devices, including screenshots, location data, audio recordings, files, and photos. .

Spyware 105

Spyware Surveillance Technology Mobile 105

Krebs on Security

OCTOBER 26, 2020

For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management (DRM) technology used by online streaming sites like Disney , Hulu and Netflix to prevent their content from being pirated. Further reading: Breaking Content Protection on Streaming Websites.

Software 325

Software Technology Mobile Media 325

Schneier on Security

FEBRUARY 22, 2023

Instead, they use optical technology to beam infrared light from vehicles to static receivers mounted on traffic light poles. Essentially, the tech works by detecting a specific pattern of infrared light emitted by the Mobile Infrared Transmitter (MIRT) installed in a police car, fire truck, or ambulance when the MIRT is switched on.

Wireless 63

Wireless Firmware Mobile Technology 63

Krebs on Security

SEPTEMBER 29, 2021

.” Many websites now require users to supply both a password and a numeric code/OTP token sent via text message, or one generated by mobile apps like Authy and Google Authenticator. Unfortunately, those most likely to fall for these OTP interception schemes are people who are less experienced with technology.

Passwords 346

Passwords Mobile Authentication Banking 346

Krebs on Security

APRIL 14, 2023

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “ juice jacking ,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk.

Mobile 323

Mobile Software Backups Technology 323

Security Boulevard

JULY 22, 2024

A cybercrime group called Vigorish Viper runs a complex suite of technologies that support the sprawling operations of a Chinese crime syndicate that has its reach into illegal online sports gambling and Europe's most popular soccer teams.

Technology 115

Technology Cybercrime Security Awareness Mobile 115

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. ” reads the notice of a Privacy Matter published by the organization.

Data breaches 110

Data breaches Identity Theft Accountability Technology 110

Bleeping Computer

JULY 7, 2024

Europol is proposing solutions to avoid challenges posed by privacy-enhancing technologies in Home Routing that hinder law enforcement's ability to intercept communications during criminal investigations. [.]

Encryption 124

Encryption Mobile Technology 124

Krebs on Security

JANUARY 11, 2021

NYSE: UI ] said it recently became aware of “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name that provider. In an email sent to customers today, Ubiquiti Inc. Click on ‘Security’ from the left-hand menu. Change your password.

Passwords 362

Passwords Authentication Firmware Accountability 362

Security Affairs

DECEMBER 30, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others. ” concludes the update.

Data breaches 123

Data breaches Cybercrime Authentication Technology 123

Security Affairs

DECEMBER 4, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised. This is not the case at T-Mobile.”

Telecommunications 111

Telecommunications Government Mobile Cyber threats 111

Malwarebytes

NOVEMBER 6, 2024

LMP stands for Link Manager Protocol, which is a communication system used in Bluetooth technology to set up and manage connections between devices. Keep threats off your mobile devices by downloading Malwarebytes for iOS , and Malwarebytes for Android today.

Encryption 132

Encryption Mobile Technology Software 132

Schneier on Security

AUGUST 22, 2023

What’s new is that AI is being used on the data, identifying “suspicious” vehicle behavior: Typically, Automatic License Plate Recognition (ALPR) technology is used to search for plates linked to specific crimes. Neither is using them for bulk surveillance. The AI was not just looking at license plates either.

Surveillance 243

Surveillance Mobile Technology Artificial Intelligence 243

Schneier on Security

AUGUST 1, 2019

Of course alternatives like Signal will exist for those who don't want to be subject to Facebook's content moderation, but what happens when this filtering technology is built into operating systems?

Encryption 140

Encryption Manufacturing Mobile Government 140

Krebs on Security

MAY 10, 2021

“Consumers’ access to financial security and upward mobility is dependent on their access to and control over their own employment records and how easily they can share those records with financial institutions,” Argyle explained in a May 3 blog post. ” Argyle’s app flow.

Passwords 320

Passwords Mobile Accountability Marketing 320

Adam Shostack

JANUARY 2, 2025

Chuck and Acme didnt realize that road runners only survive in this crazy world because of their mad skills now including compromising mobile apps. With automation, you formalize the work and share the information across all these different people, but that doesnt mean you can just use technology.

Technology 130

Technology Penetration Testing Software Mobile 130