Krebs on Security

PlugwalkJoe Does the Perp Walk

20 hours 22 minutes ago
One day after last summer's mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" O'Connor appeared to have been involved in the incident. When the Justice Department last week announced O'Connor's arrest and indictment, his alleged role in the Twitter compromise was well covered in the media. But most of the coverage so far seem to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks -- all in a bid to seize control over highly-prized social media accounts.
BrianKrebs

Spam Kingpin Peter Levashov Gets Time Served

6 days 17 hours ago
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.
BrianKrebs

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

1 week ago
Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they'd had proper data backups. But the ugly truth is there are many non-obvious reasons why victims end up paying even when they have done nearly everything right from a data backup perspective. 
BrianKrebs

Microsoft Patch Tuesday, July 2021 Edition

1 week 6 days ago
Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. A half of dozen of the vulnerabilities addressed today are under active attack, according to Microsoft.
BrianKrebs

Spike in “Chain Gang” Destructive Attacks on ATMs

2 weeks 3 days ago
Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime -- known variously as "ATM smash-and-grab" and "chain gang" attacks -- is rapidly increasing in other states.
BrianKrebs

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

2 weeks 4 days ago
Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya's customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.
BrianKrebs

Microsoft Issues Emergency Patch for Windows Flaw

2 weeks 6 days ago
Microsoft on Tuesday issued an emergency software update to quash a security bug that's been dubbed "PrintNightmare," a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft's normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.
BrianKrebs

Another 0-Day Looms for Many Western Digital Users

3 weeks 3 days ago
Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can't or won't upgrade to the latest operating system.
BrianKrebs

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

3 weeks 4 days ago
Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month. Intuit says the change is tied to an "exciting" and "free" new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit.
BrianKrebs

We Infiltrated a Counterfeit Check Ring! Now What?

3 weeks 5 days ago
Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you've shared this information in advance with the authorities each day for a year with no outward indication that they are doing anything about it. How frustrated would you be? Such is the curse of the fraud fighter known online by the handles “Brianna Ware” and “BWare” for short, a longtime member of a global group of volunteers who’ve infiltrated a cybercrime gang that disseminates fraudulent checks tied to a dizzying number of online scams.
BrianKrebs

MyBook Users Urged to Unplug Devices from Internet

1 month ago
Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a previously unknown critical flaw that can be triggered by anyone who knows the Internet address of an affected device.
BrianKrebs

How Cyber Sleuths Cracked an ATM Shimmer Gang

1 month ago
In 2015, police departments worldwide started finding ATMs compromised with advanced new "shimming" devices made to clone data from chip card transactions. Authorities in the United States and abroad had seized many of these shimmers, but for years couldn't decrypt the data on the devices. This is a story of ingenuity and happenstance, and how one former Secret Service agent helped crack a code that revealed the contours of a global organized crime ring.
BrianKrebs

How Cyber Safe is Your Drinking Water Supply?

1 month ago
Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven't inventoried some or any of their information technology systems -- a basic first step in protecting networks from cyberattacks.
BrianKrebs

First American Financial Pays Farcical $500K Fine

1 month 1 week ago
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents -- many containing sensitive financial data -- related to real estate transactions dating back more than 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000.
BrianKrebs
Checked
55 minutes 41 seconds ago
In-depth security news and investigation
Subscribe to Krebs on Security feed

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer