1092 matches found
Equifax Breach Fallout: Your Salary History
In May, KrebsOnSecurity broke a story about lax security at a payroll division of big-three credit bureau Equifax that let identity thieves access personal and financial data on an unknown number of Americans. Incredibly, this same division makes it simple to access detailed salary and employment...
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app...
Orcus RAT Author Charged in Malware Scheme
In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with...
Secret Service: Theft Rings Turn to Fuze Cards
Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards, a smartcard technology that allows users to store dozens of cards on a single device, the U.S. Secret...
How to Shop Online Like a Security Pro
'Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. So here's a quick refresher course on how to make it through the next few weeks without getting snookered...
USPS Site Exposed Data on 60 Million Users
U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. Image: USPS.com KrebsOnSecurity was contacted last week by a researcher who...
Microsoft Patch Tuesday, October 2020 Edition
Its Cybersecurity Awareness Month! In keeping with that theme, if you abuse Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. That means its onc...
P2P Weakness Exposes Millions of IoT Devices
A peer-to-peer P2P communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A map showing the distribution of...
Spammed Bomb Threat Hoax Demands Bitcoin
A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient's building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day. Sources at multiple U.S. based financial institutions reported receiving the...
Adobe Patches Zero-Day Flash Flaw
Adobe has released an emergency update to address a critical security hole in its Flash Player browser plugin that is being actively exploited to deploy malicious software. If you've got Flash installed -- and if you're using Google Chrome or a recent version of Microsoft Windows you do -- it's...
What You Should Know About the ‘KRACK’ WiFi Security Weakness
Researchers this week published information about a newfound, serious weakness in WPA2 -- the security standard that protects all modern Wi-Fi networks. What follows is a short rundown on what exactly is at stake here, who's most at-risk from this vulnerability, and what organizations and...
Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security
On Sept. 11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on...
Why Were the Russians So Set Against This Hacker Being Extradited?
The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia -- supposedly to face separate hacking charges...
“BriansClub” Hack Rescues 26M Stolen Cards
"BriansClub," one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, includin...
Forced Password Reset? Check Your Assumptions
Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password. Further investigation almost invariably reveals that the password reset demand was not the result of a breach but rather the site's...
NY Investigates Exposure of 885 Million Mortgage Documents
New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF as the first test of the state's strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in th...
Booter Boss Interviewed in 2014 Pleads Guilty
A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. The plea deal comes almost exactly five years after KrebsOnSecurity interviewed both the admitted felon and his father and urged the latter to take a more...
For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data...
FBI Warns of ‘Unlimited’ ATM Cashout Blitz
The Federal Bureau of Investigation FBI is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an "ATM cash-out," in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to...
Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?
The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent...
Who’s Behind the “Reopen” Domain Surge?
The past few weeks have seen a large number of new domain registrations beginning with the word "reopen" and ending with U.S. city or state names. The largest number of them were created just hours after President Trump sent a series of all-caps tweets urging citizens to "liberate" themselves fro...
Microsoft Buys Corp.com So Bad Guys Can’t
In February, KrebsOnSecurity told the story of a private citizen auctioning off the dangerous domain corp.com for the starting price of $1.7 million. Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords,...
Feds Allege Adconion Employees Hijacked IP Addresses for Spamming
Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are...
Feds Charge Three in Mass Seizure of Attack-for-hire Services
Authorities in the United States this week brought criminal hacking charges against three men as part of an unprecedented, international takedown targeting 15 different "booter" or "stresser" sites -- attack-for-hire services that helped paying customers launch tens of thousands of digital sieges...
Patch Tuesday, August 2018 Edition
Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two "zero-day" flaws that attackers were...
Registered at SSA.GOV? Good for You, But Keep Your Guard Up
KrebsOnSecurity has long warned readers to plant your own flag at the my Social Security online portal of the U.S. Social Security Administration SSA -- even if you are not yet drawing benefits from the agency -- because identity thieves have been registering accounts in peoples' names and...
Dell Lost Control of Key Customer Support Domain for a Month in 2017
A Web site set up by PC maker Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, KrebsOnSecurity has learned. There is a program installed on virtually all...
Why It’s Still A Bad Idea to Post or Trash Your Airline Boarding Pass
An October 2015 piece published here about the potential dangers of tossing out or posting online your airline boarding pass remains one of the most-read stories on this site. One reason may be that the advice remains timely and relevant: A talk recently given at a Czech security conference...
Microsoft Patch Tuesday, July 2022 Edition
Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision t...
A Breach, or Just a Forced Password Reset?
Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefil...
Who Is Agent Tesla?
A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity -- attracting more than 6,300 customers who pay subscription fees to license the software. Although Agent Tesla includes ...
Patch Tuesday, October 2018 Edition
Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available. The zero-day bug --...
Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day thi...
Microsoft (& Apple) Patch Tuesday, April 2023 Edition
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day...
Microsoft Patch Tuesday, March 2023 Edition
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. The...
Microsoft Patch Tuesday, February 2023 Edition
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This years special Valentines Day Patch Tuesday includes fixes for a whopping three different "zero-day" vulnerabilities that ar...
Ukraine Nabs Suspect in 773M Password ‘Megabreach’
In January 2019, dozens of media outlets raised the alarm about a new "megabreach" involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled "the largest collection of stolen data in history." A subsequent review by KrebsOnSecurity quickly determined t...
Avast, NordVPN Breaches Tied to Phantom User Accounts
Antivirus and security giant Avast and virtual private networking VPN software provider NordVPN each today disclosed months-long network intrusions that -- while otherwise unrelated -- shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with...
Courts Hand Down Hard Jail Time for DDoS
Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out...
Chase ‘Glitch’ Exposed Customer Accounts
Multiple Chase.com customers have reported logging in to their bank accounts, only to be presented with another customer's bank account details. Chase has acknowledged the incident, saying it was caused by an internal "glitch" Wednesday evening that did not involve any kind of hacking attempt or...
New KrebsOnSecurity Mobile-Friendly Site
Dear Readers, this has been long overdue, but at last I give you a more responsive, mobile-friendly version of KrebsOnSecurity. We tried to keep the visual changes to a minimum and focus on a simple theme that presents information in a straightforward, easy-to-read format. Please bear with us ove...
Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts
Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrati...
‘Wormable’ Flaw Leads July Microsoft Patches
Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, "wormable" flaw in Windows Server versions that Microsoft says is likely to be exploited soon. While this particular weakness mainly affects enterprises, July's...
Riding the State Unemployment Fraud ‘Wave’
When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that's exactly what appears to be going on right now as multiple U.S...
Cryptic Rumblings Ahead of First 2020 Patch Tuesday
Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to...
“FudCo” Spam Empire Tied to Pakistani Software Firm
In May 2015, KrebsOnSecurity briefly profiled "The Manipulaters," the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media...
The Case for Limiting Your Browser Extensions
Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. Blue Shield quickly removed the unauthorized code. An investigation determined it was injected by a browser extensio...
Should Failing Phish Tests Be a Fireable Offense?
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated...
Feds Target $100M ‘GozNym’ Cybercrime Network
Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the sam...
A Tough Week for IP Address Scammers
In the early days of the Internet, there was a period when Internet Protocol version 4 IPv4 addresses e.g. 4.4.4.4 were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out t...