Krebs – Page 53 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Mon, 02 Sep 2019 20:52:00 +0000

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOnSecurity has learned that the charges are likely just the opening salvo in a much larger, ongoing federal investigation into the company’s commercial email practices.

Independent Krebs

August 30, 2019 admin

Phishers are Angling for Your Cloud Providers

Credit to Author: BrianKrebs| Date: Fri, 30 Aug 2019 16:21:59 +0000

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals.

Independent Krebs

August 29, 2019 admin

Ransomware Bites Dental Data Backup Firm

Credit to Author: BrianKrebs| Date: Thu, 29 Aug 2019 17:59:11 +0000

PerCSoft, a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack.

Independent Krebs

August 27, 2019 admin

Cybersecurity Firm Imperva Discloses Breach

Credit to Author: BrianKrebs| Date: Tue, 27 Aug 2019 16:52:58 +0000

Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based Imperva sells firewall technology designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications.

Independent Krebs

August 22, 2019 admin

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

Credit to Author: BrianKrebs| Date: Thu, 22 Aug 2019 21:38:47 +0000

On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.

Independent Krebs

August 21, 2019 admin

Forced Password Reset? Check Your Assumptions

Credit to Author: BrianKrebs| Date: Wed, 21 Aug 2019 11:58:53 +0000

Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password. Further investigation almost invariably reveals that the password reset demand was not the result of a breach but rather the site’s efforts to identify customers who are reusing passwords from other sites that have already been hacked. But ironically, many companies taking these proactive steps soon discover that their explanation as to why they’re doing it can get misinterpreted as more evidence of lax security. This post attempts to unravel what’s going on here.

Independent Krebs

August 19, 2019 admin

The Rise of “Bulletproof” Residential Networks

Credit to Author: BrianKrebs| Date: Mon, 19 Aug 2019 13:03:32 +0000

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Most often, those connections are hacked computers, mobile phones, or home routers. But this is the story of a sprawling “bulletproof residential VPN” service that appears to have been built by acquiring chunks of Internet addresses from some the largest ISPs and mobile data providers in the United States and abroad.

Independent Krebs

August 14, 2019 admin

Meet Bluetana, the Scourge of Pump Skimmers

Credit to Author: BrianKrebs| Date: Wed, 14 Aug 2019 12:25:32 +0000

“Bluetana,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.