GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Credit to Author: BrianKrebs| Date: Sat, 21 Nov 2020 18:15:49 +0000

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

Read more

Convicted SIM Swapper Gets 3 Years in Jail

Credit to Author: BrianKrebs| Date: Fri, 20 Nov 2020 15:05:15 +0000

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. The defendant is part of an alleged conspiracy involving at least eight others in the United States who stand accused of theft via SIM swapping, a […]

Read more

Trump Fires Security Chief Christopher Krebs

Credit to Author: BrianKrebs| Date: Wed, 18 Nov 2020 16:02:32 +0000

President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud.

Read more

Be Very Sparing in Allowing Site Notifications

Credit to Author: BrianKrebs| Date: Tue, 17 Nov 2020 14:13:29 +0000

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communications pathway to scammers and online hucksters.

Read more

Patch Tuesday, November 2020 Edition

Credit to Author: BrianKrebs| Date: Wed, 11 Nov 2020 01:56:41 +0000

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.

Read more

Ransomware Group Turns to Facebook Ads

Credit to Author: BrianKrebs| Date: Tue, 10 Nov 2020 17:09:59 +0000

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Read more

Body Found in Canada Identified as Neo-Nazi Spam King

Credit to Author: BrianKrebs| Date: Mon, 09 Nov 2020 04:58:19 +0000

The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports.

Read more

Why Paying to Delete Stolen Data is Bonkers

Credit to Author: BrianKrebs| Date: Wed, 04 Nov 2020 19:32:40 +0000

Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might have any real expectation the attackers will actually destroy the stolen data, new research suggests a fair number of victims who do pay up may see some or all of the stolen data published anyway.

Read more