This Week in Security News: Facebook and Faxploits

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook removed 652 fake accounts originating from Russia and Iran. Also, Microsoft identified and removed fake internet domains that...

How Digital Extortion Impacts Today’s Enterprises

By now, many enterprise decision-makers are familiar with the concept of digital extortion, particularly in the form of ransomware. These encryption-based attacks lock users out of their sensitive and valuable data, applications and operating systems. Attackers demand a ransom in the form of...

The Year Targeted Phishing Went Mainstream

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason -- sex sells the second most-read piece here was my 2015 scoo...

SamSam Ransomware Attacks Extorted Nearly $6 Million

Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example. New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started...

CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware, a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin 25-year-old...

Reasonably Clever Extortion E-mail Based on Password Theft

Imagine you've gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it's for isn't very valuable. How do you use it? You convince the owners of the password to send you money. I recently saw a spam e-mail that ties the password to a porn site. The...

Coinvault, the court case

Today, after almost 3 years of waiting, it was finally the day of the trial. In the Netherlands, where the whole case took place, the hearings are open to the public. Meaning anyone who is interested can visit. And it was quite busy. Because besides the suspects, their lawyers, the judges and the...

WannaCry Extortion Fraud Reemerges

Extortion emails that threaten recipients with a WannaCry infection if they don’t pay up are making the rounds in the UK and elsewhere. The activity prompted an alert Friday from the City of London’s Action Fraud unit, which said at the time that police had already received almost 300 reports in...

Google to Fix Location Data Leak in Google Home, Chromecast

Google in the coming weeks is expected to fix a location privacy leak in two of its most popular consumer products. New research shows that Web sites can run a simple script in the background that collects precise location data on people who have a Google Home or Chromecast device installed...

Fraudsters Claim To Hack Two Canadian Banks

UPDATE Two Canadian banks have reported that they may be targets of a hack, after bad actors claimed that they electronically accessed personal and account information of a combined 90,000 customers. The attackers have asked for a ransom of 1 Ripple XMR from each, which translates to around $1...

FBI: Cyber-Fraud Losses Rise to Reach $1.4B

About 301,580 consumers reported cyber-fraud and malware attacks to the FBI’s Internet Crime Complaint Center IC3 last year – with reported losses exceeding a whopping $1.4 billion. The year’s haul of reports brings the overall total of complaints since the IC3 began recording such things to 4...

Uber Tightens Bug Bounty Extortion Policies

Uber is tightening policies around its bug-bounty program after a 2016 data breach exposed deep flaws in its policies around handling extortion. The ride-sharing company has updated its program to include clarity around the boundaries between research versus blackmail. The changes come after a 20...

iPhone crackers GrayShift become victim of extortion after code Leak

By Waqas GrayKey's code snippets recently appeared online and an unknown party was This is a post from HackRead.com Read the original post: iPhone crackers GrayShift become victim of extortion after code Leak...

Linux server discovered bitcoin extortion event, do a good Four Points from a loss-vulnerability warning-the black bar safety net

Following the Windows encountered ransomware virus after the Linux server was bitcoin extortion cases have occurred, you think to pay a ransom just to end? Important warning Recently, Tencent cloud security team monitoring to the cloud on a Linux server began to appear bitcoin extortion event, th...

The Role That IT Security Teams Need to Play in Connected Hospitals

The WannaCry outbreak that reportedly raked in US$1B in damage costs also forced doctors to cancel scheduled appointments, among other things, brought on warranted concern over pervasive ransomware attacks that could stem from oft-overlooked components of healthcare networks—exposed medical cyber...

Memcached DDoS Exploit Code and List of 17,000 Vulnerable Servers Released

Two separate proofs-of-concept PoC exploit code for Memcached amplification attack have been released online that could allow even script-kiddies to launch massive DDoS attacks using UDP reflections easily. The first DDoS tool is written in C programming language and works with a pre-compiled lis...

Powerful New DDoS Method Adds Extortion

Attackers have seized on a relatively new method for executing distributed denial-of-service DDoS attacks of unprecedented disruptive power, using it to launch record-breaking DDoS assaults over the past week. Now evidence suggests this novel attack method is fueling digital shakedowns in which...

memcached, now with extortion!

Over the past week, memcached reflection attacks have taken the DDoS scene by storm. With several attacks hitting organizations across many industries, including a record breaking 1.3Tbps attack against an Akamai customer. Akamai has observed a new trend in extortion attempts using memcached...

Sophisticated RedDrop Malware Targets Android Phones

A sophisticated strain of mobile malware targeting Android devices can extract sensitive data and audio recordings, run up premium SMS charges and then tries to extort money from victims. According to security firm Wandera the malware, dubbed RedDrop, is being distributed inside 53 Android...

New Android malware record voice calls for extortion & blackmailing

By Waqas Another day, another Android malware - This time IT security This is a post from HackRead.com Read the original post: New Android malware record voice calls for extortion & blackmailing...