Lucene search
K
KrebsMost viewed

1092 matches found

Krebs on Security
Krebs on Security
added 2023/08/09 2:22 a.m.51 views

Microsoft Patch Tuesday, August 2023 Edition

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including multiple zero-day vulnerabilities currently being exploited in the wild. Six of the flaws fixed today earned Microsofts "critical" rating, meaning...

7.5CVSS8.4AI score0.99083EPSS
Exploits3
Krebs on Security
Krebs on Security
added 2023/01/10 10:28 p.m.51 views

Microsoft Patch Tuesday, January 2023 Edition

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical...

0.5AI score0.41538EPSS
Exploits0
Krebs on Security
Krebs on Security
added 2021/05/28 2:47 p.m.51 views

Boss of ATM Skimming Syndicate Arrested in Mexico

Florian "The Shark" Tudor, the alleged ringleader of a prolific ATM skimming gang that siphoned hundreds of millions of dollars from bank accounts of tourists visiting Mexico over the last eight years, was arrested in Mexico City on Thursday in response to an extradition warrant from a Romanian...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/02/09 3:16 a.m.51 views

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer whats being called "one of the worlds largest phishing services." The operation was carried out in coordination with the FBI and authorities in...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/01/21 3:48 p.m.51 views

DDoS-Guard To Forfeit Internet Space Occupied by Parler

Parler, the beleaguered social network advertised as a "free speech" alternative to Facebook and Twitter, has had a tough month. Apple and Google removed the Parler app from their stores, and Amazon blocked the platform from using its hosting services. Parler has since found a home in DDoS-Guard,...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/12/14 4:26 p.m.51 views

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the companys...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/03/23 8:17 p.m.51 views

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization SEO services rendered on behalf of their domain names. The story concluded...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/10/25 12:50 a.m.51 views

Cachet Financial Reeling from MyPayrollHR Fraud

When New York-based cloud payroll provider MyPayrollHR unexpectedly shuttered its doors last month and disappeared with $26 million worth of customer payroll deposits, its payment processor Cachet Financial Services ended up funding the bank accounts of MyPayrollHR client company employees anyway...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/10/12 5:44 p.m.51 views

Hyatt Hotels Suffers 2nd Card Breach in 2 Years

Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in as many years. Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/06/08 8:17 p.m.50 views

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Its not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda...

7.5CVSS9.1AI score0.86956EPSS
Exploits3
Krebs on Security
Krebs on Security
added 2023/03/07 11:19 p.m.50 views

Sued by Meta, Freenom Halts Domain Registrations

The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes after the Dutch registrar was sued by Meta, which alleges the company ignores abuse complaints about phishing websites whi...

1.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/02/24 7:51 p.m.50 views

Who’s Behind the Botnet-Based Service BHProxies?

A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Heres a closer look at Mylobot, an...

7.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/12/17 7:9 p.m.50 views

Nuclear Bot Author Arrested in Sextortion Case

Last summer, a wave of sextortion emails began flooding inboxes around the world. The spammers behind this scheme claimed they'd hacked your computer and recorded videos of you watching porn, and promised to release the embarrassing footage to all your contacts unless a bitcoin demand was paid...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/10/22 7:4 p.m.50 views

Ransomware Hits B2B Payments Firm Billtrust

Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups. With more than 550 employees, Lawrence Township, N.J.-based Billtrust is a...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/08/29 10:59 p.m.50 views

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Instagram users should soon have more secure options for protecting their accounts against Internet bad guys. On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does...

7.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/03/11 6:51 p.m.50 views

Checked Your Credit Since the Equifax Hack?

A recent consumer survey suggests that half of all Americans still haven't checked their credit report since the Equifax breach last year exposed the Social Security numbers, dates of birth, addresses and other personal information on nearly 150 million people. If you're in that fifty percent,...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/10/23 7:42 p.m.50 views

Reaper: Calm Before the IoT Security Storm?

It's been just over a year since the world witnessed some of the world's top online Web sites being taken down for much of the day by "Mirai," a zombie malware strain that enslaved "Internet of Things" IoT devices such as wireless routers, security cameras and digital video recorders for use in...

7.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/09/10 9:46 p.m.49 views

Bug Left Some Windows PCs Dangerously Unpatched

Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain...

9.8CVSS8.4AI score0.12132EPSS
Exploits3
Krebs on Security
Krebs on Security
added 2023/03/22 11:11 p.m.49 views

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected...

7.9AI score0.01445EPSS
Exploits0
Krebs on Security
Krebs on Security
added 2021/08/05 11:38 a.m.49 views

Ransomware Gangs and the Name Game Distraction

Its nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives dont go away so much as reinvent themselves under a new name, wit...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/05/08 12:19 p.m.49 views

Meant to Combat ID Theft, Unemployment Benefits Letter Prompts ID Theft Worries

Millions of Americans now filing for unemployment will receive benefits via a prepaid card issued by U.S. Bank, a Minnesota-based financial institution that handles unemployment payments for more than a dozen U.S. states. Some of these unemployment applications will trigger an automatic letter fr...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/11/07 7:48 p.m.49 views

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a large...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/04/04 10:44 p.m.49 views

Alleged Chief of Romanian ATM Skimming Gang Arrested in Mexico

An alleged top boss of a Romanian crime syndicate that U.S. authorities say is responsible for deploying card-skimming devices at Automated Teller Machines ATMs throughout North America was arrested in Mexico last week on firearms charges. The arrest comes months after the accused allegedly order...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/02/12 1:33 p.m.49 views

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Email provider VFEmail has suffered what the company is calling "catastrophic destruction" at the hands of an as-yet unknown intruder who trashed all of the company's primary and backup data in the United States. The firm's founder says he now fears some 18 years' worth of customer email may be...

6.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/07/23 11:34 a.m.49 views

Google: Security Keys Neutralized Employee Phishing

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A YubiKey Security Key made by...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/02/26 7:28 p.m.49 views

USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online

In October 2017, KrebsOnSecurity warned that ne'er-do-wells could take advantage of a relatively new service offered by the U.S. Postal Service that provides scanned images of all incoming mail before it is slated to arrive at its destination address. We advised that stalkers or scammers could...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/08/02 4:17 p.m.49 views

Flash Player is Dead, Long Live Flash Player!

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple,...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/05/17 2:14 p.m.48 views

Try This One Weird Trick Russian Hackers Hate

In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types o...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/05/14 3:44 p.m.48 views

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained th...

6.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/03/04 3:1 p.m.48 views

Three Top Russian Cybercrime Forums Hacked

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums user databases, including email and Internet addresses and...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/02/19 4:25 p.m.48 views

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexicos Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexicos top tourist destinations over the past five years. The scandal is the latest fallo...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/02/01 3:21 p.m.48 views

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name "SMS Bandits," has been responsible for blasting out huge volume...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/10/08 7:42 p.m.48 views

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Theres an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/05/26 9:45 p.m.48 views

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office

A group of Romanians operating an ATM company in Mexico and suspected of bribing technicians to install sophisticated Bluetooth-based skimmers in cash machines throughout several top Mexican tourist destinations have enjoyed legal protection from a top anti-corruption official in the Mexican...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/12/17 2:21 a.m.48 views

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

As if the scourge of ransomware wasn't bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim...

6.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/07/25 5:1 p.m.48 views

The Unsexy Threat to Election Security

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/04/09 4:31 a.m.48 views

Don’t Give Away Historic Details About Yourself

Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as "What was your first job," or "What was your first car?" The problem with participating in these informal surveys is that in doing so you may be...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/08/31 3:59 a.m.48 views

Twitter Bots Use Likes, RTs for Intimidation

I awoke this morning to find my account on Twitter @briankrebs had attracted almost 12,000 new followers overnight. Then I noticed I'd gained almost as many followers as the number of re-tweets RTs earned for a tweet I published on Tuesday. The tweet stated how every time I tweet something relate...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/07/05 11:25 a.m.48 views

Who is the GovRAT Author and Mirai Botmaster ‘Bestbuy’?

In February 2017, authorities in the United Kingdom arrested a 29-year-old U.K. man on suspicion of knocking more than 900,000 Germans offline in an attack tied to Mirai, a malware strain that enslaves Internet of Things IoT devices like security cameras and Internet routers for use in large-scal...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/01/08 5:57 p.m.47 views

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/08/09 3:21 p.m.47 views

Phishing Sites Targeting Scammers and Thieves

I was preparing to knock off work for the week on a recent Friday evening when a curious and annoying email came in via the contact form on this site: "Hello I go by the username Nuclear27 on your site Briansclub.com," wrote "Mitch," confusing me with the proprietor of perhaps the undergrounds...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/04/24 4:45 p.m.47 views

Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies

Many of the same shadowy organizations that pay people to promote male erectile dysfunction drugs via spam and hacked websites recently have enjoyed a surge in demand for medicines used to fight malaria, lupus and arthritis, thanks largely to unfounded suggestions that these therapies can help...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/04/11 6:11 p.m.47 views

When Identity Thieves Hack Your Accountant

The Internal Revenue Service has been urging tax preparation firms to step up their cybersecurity efforts this year, warning that identity thieves and hackers increasingly are targeting certified public accountants CPAs in a bid to siphon oodles of sensitive personal and financial data on...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/08/09 3:43 p.m.47 views

Alleged vDOS Operators Arrested, Charged

Two young Israeli men alleged by this author to have co-founded vDOS -- until recently the largest and most profitable cyber attack-for-hire service online -- were arrested and formally indicted this week in Israel on conspiracy and hacking charges. On Sept. 8, 2016, KrebsOnSecurity published a...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/05/13 1:0 p.m.47 views

Microsoft Issues WanaCrypt Patch for Windows 8, XP

Microsoft Corp. today took the unusual step of issuing security updates to address flaws in older, unsupported versions of Windows -- including Windows XP and Windows 8. The move is a bid to slow the spread of the WanaCrypt ransomware strain that infected tens of thousands of Windows computers...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/04/09 8:28 p.m.46 views

April’s Patch Tuesday Brings Record Number of Fixes

If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this months patch batch -- a record 147...

6.8CVSS8AI score0.95443EPSS
Exploits2
Krebs on Security
Krebs on Security
added 2023/07/03 2:56 p.m.46 views

Who’s Behind the DomainNetworks Snail Mail Scam?

If youve ever owned a domain name, the chances are good that at some point youve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, dont...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/12/03 9:53 p.m.46 views

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials -- such as usernames and passwords needed to remotely connect to the...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/11/22 9:57 p.m.46 views

Arrest in ‘Ransom Your Employer’ Email Scheme

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employers network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/10/04 7:5 p.m.46 views

What Happened to Facebook, Instagram, & WhatsApp?

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We dont yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell computers and other...

6.7AI score
Exploits0
Total number of security vulnerabilities1092