1094 matches found
Equifax Reopens Salary Lookup Service
Equifax has re-opened a Web site that lets anyone look up the salary history of a large portion of the American workforce using little more than a person's Social Security number and their date of birth. The big-three credit bureau took the site down just hours after I wrote about it on Oct. 8, a...
Equifax Credit Assistance Site Served Spyware
Big-three consumer credit bureau Equifax says it has removed third-party code from its credit report assistance Web site that prompted visitors to download spyware disguised as an update for Adobe's Flash Player software. Image: Randy-abrams.blogspot.com On Wednesday, security expert and blogger...
Emergency Fix for Windows Anti-Malware Flaw Leads May’s Patch Tuesday
Adobe and Microsoft both issued updates today to fix critical security vulnerabilities in their software. Microsoft actually released an emergency update on Monday just hours ahead of today's regularly scheduled "Patch Tuesday" the 2nd Tuesday of each month to fix a dangerous flaw present in most...
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022
Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to...
Indictment, Lawsuits Revive Trump-Alfa Bank Story
In October 2016, media outlets reported that data collected by some of the worlds most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank, one of Russias largest financial institutions. Those...
T-Mobile: Breach Exposed SSN/DOB of 40M+ People
T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and drivers license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. The acknowledgment came less than 48 hours after million...
WeLeakInfo Leaked Customer Payment Info
A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo.com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to...
FBI, CISA Echo Warnings on ‘Vishing’ Threat
The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA on Thursday issued a joint alert to warn about the growing threat from voice phishing or "vishing" attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity publishe...
Booter Boss Busted By Bacon Pizza Buy
A Pennsylvania man who operated one of the Internet's longest-running online attack-for-hire or "booter" services was sentenced to five years probation today. While the young man's punishment was heavily tempered by his current poor health, the defendant's dietary choices may have contributed to...
Wawa Breach May Have Compromised More Than 30 Million Payment Cards
In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen...
Hidden Cam Above Bluetooth Pump Skimmer
Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I'd never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices...
Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M
Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses. According to a lawsuit filed...
Mobile Giants: Please Don’t Share the Where
Your mobile phone is giving away your approximate location all day long. This isn't exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location. But now, the major mobile providers i...
Credit Card Breach at Buckle Stores
The Buckle Inc., a clothier that operates more than 450 stores in 44 U.S. states, disclosed Friday that its retail locations were hit by malicious software designed to steal customer credit card data. The disclosure came hours after KrebsOnSecurity contacted the company regarding reports from...
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims...
It Might Be Our Data, But It’s Not Our Breach
Image: Shutterstock. A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firms analysis of the data suggests it corresponds to...
The Rise of One-Time Password Interception Bots
In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords OTPs that many websites require as a second authentication factor in addition to passwords. That service quickly went offline, but new research reveals a number of competitor...
Google Mending Another Crack in Widevine
For the second time in as many years, Google is working to fix a weakness in its Widevine digital rights management DRM technology used by online streaming sites like Disney, Hulu and Netflix to prevent their content from being pirated. The latest cracks in Widevine concern the encryption...
AT&T, Sprint, Verizon to Stop Sharing Customer Location Data With Third Parties
In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing acce...
Equifax Breach: Setting the Record Straight
Bloomberg published a story this week citing three unnamed sources who told the publication that Equifax experienced a breach earlier this year which predated the intrusion that the big-three credit bureau announced on Sept. 7. To be clear, this earlier breach at Equifax is not a new finding and...
Highlights from the New U.S. Cybersecurity Strategy
The Biden administration today issued its vision for beefing up the nations collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White Houses new national cybersecurity strate...
How Cyber Sleuths Cracked an ATM Shimmer Gang
In 2015, police departments worldwide started finding ATMs compromised with advanced new "shimming" devices made to steal data from chip card transactions. Authorities in the United States and abroad had seized many of these shimmers, but for years couldnt decrypt the data on the devices. This is...
First American Financial Pays Farcical $500K Fine
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF was leaking more than 800 million documents -- many containing sensitive financial data -- related to real estate transactions dating back 16 years. This week, the U.S...
Account Hijacking Site OGUsers Hacked, Again
For at least the third time in its existence, OGUsers -- a forum overrun with people looking to buy, sell and trade access to compromised social media accounts -- has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak i...
Trump Fires Security Chief Christopher Krebs
President Trump on Tuesday fired his top election security official Christopher Krebs no relation. The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud. Chris Krebs. Image: CISA. Krebs, 43, is a former Microsof...
Body Found in Canada Identified as Neo-Nazi Spam King
The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports. Homicide detectives said they...
Who is Tech Investor John Bernard?
John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to hi...
Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service
The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service DDoS attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli...
REvil Ransomware Gang Starts Auctioning Victim Data
The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up -- and publicly shaming those who don't. But it may also signal that...
COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?
The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it's helping hospitals avoid becoming the next ransomware...
Coronavirus Widens the Money Mule Pool
With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable "money mules" -- people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here's the...
Transcription Service Leaked Medical Records
MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records -- apparently for thousands of...
Panerabread.com Leaks Millions of Customer Records
Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records -- including names, email and physical addresses, birthdays and the last four digits of the customer's credit card number -- for at least eight months...
Would You Have Spotted This Skimmer?
When you realize how easy it is for thieves to compromise an ATM or credit card terminal with skimming devices, it's difficult not to inspect or even pull on these machines when you're forced to use them personally -- half expecting something will come detached. For those unfamiliar with the...
Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes
The individual who allegedly made a fake emergency call to Kansas police last week that summoned them to shoot and kill an unarmed local man has claimed credit for raising dozens of these dangerous false alarms -- calling in bogus hostage situations and bomb threats at roughly 100 schools and at...
Ayuda! (Help!) Equifax Has My Data!
Equifax last week disclosed a historic breach involving Social Security numbers and other sensitive data on as many as 143 million Americans. The company said the breach also impacted an undisclosed number of people in Canada and the United Kingdom. But the official list of victim countries may n...
Six 0-Days Lead Microsoft’s August 2024 Patch Push
Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers. Image: Shutterstock. This months bundle of update joy from Redmond includes patches for...
Incognito Darknet Market Mass-Extorts Buyers, Sellers
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass...
A Close Up Look at the Consumer Data Broker Radaris
If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the...
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid...
Who’s Behind the 8Base Ransomware Website?
The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of...
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people...
Canada Charges Its “Most Prolific Cybercriminal”
A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian authorities describe him as "the most prolific cybercriminal weve...
Phish Leads to Breach at Calif. State Controller
A phishing attack last week gave attackers access to email and files at the California State Controllers Office SCO, an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders...
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals
On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the Unit...
Confessions of an ID Theft Kingpin, Part I
At the height of his cybercriminal career, the hacker known as "Hieupc" was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the worlds top data brokers. That is, until his greed and ambition played straight into an elaborate snare se...
Voice Phishers Targeting Corporate VPNs
The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level,...
Ransomware Gangs Don’t Need PR Help
We've seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into...
FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy
An information technology specialist at the Federal Emergency Management Agency FEMA was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center UPMC in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the...