‘War Dialing’ Tool Exposes Zoom’s Password Problems

Credit to Author: BrianKrebs| Date: Thu, 02 Apr 2020 14:43:04 +0000

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number major corporations are setting up meetings without passwords enabled.

Read more

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Credit to Author: BrianKrebs| Date: Wed, 01 Apr 2020 03:30:46 +0000

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to briefly hijack domains for a half-dozen GoDaddy customers, including transaction brokering site escrow.com.

Read more

Annual Protest to ‘Fight Krebs’ Raises €150K+

Credit to Author: BrianKrebs| Date: Mon, 30 Mar 2020 17:42:52 +0000

In 2018, KrebsOnSecurity unmasked the creators of Coinhive — a now-defunct cryptocurrency mining service that was being massively abused by cybercriminals — as the administrators of a popular German language image-hosting forum. In protest of that story, forum members donated hundreds of thousands of euros to nonprofits that combat cancer (Krebs means “cancer” in German). This week, the forum is celebrating its third annual observance of that protest to “fight Krebs,” albeit with a Coronavirus twist.

Read more

Russians Shut Down Huge Card Fraud Ring

Credit to Author: BrianKrebs| Date: Thu, 26 Mar 2020 17:28:07 +0000

Federal investigators in Russia have charged at least 25 people accused of operating a sprawling international credit card theft ring. Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. In a statement released this week, the Russian Federal Security Service (FSB) said 25 individuals were charged with circulating illegal means of payment in connection with some 90 websites that sold stolen credit card data.

Read more

US Government Sites Give Bad Security Advice

Credit to Author: BrianKrebs| Date: Wed, 25 Mar 2020 19:30:12 +0000

Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now.

Read more

Coronavirus Widens the Money Mule Pool

Credit to Author: BrianKrebs| Date: Tue, 17 Mar 2020 22:11:46 +0000

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that spoofs a major nonprofit and tells new employees they’ll be collecting and transmitting donations for an international “Coronavirus Relief Fund.”

Read more

Crafty Web Skimming Domain Spoofs “https”

Credit to Author: BrianKrebs| Date: Thu, 12 Mar 2020 00:28:57 +0000

Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source code: “http[.]ps” (the actual malicious domain does not include the brackets, which are there to keep readers from being able to click on it).

Read more

Hackers Were Inside Citrix for Five Months

Credit to Author: BrianKrebs| Date: Wed, 19 Feb 2020 15:55:04 +0000

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

Read more