A week in security (February 4 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000

A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.

Categories:

Tags:

(Read more…)

The post A week in security (February 4 – 8) appeared first on Malwarebytes Labs.

Read more

“Stole $24 Million But Still Can’t Keep a Friend”

Credit to Author: BrianKrebs| Date: Wed, 16 Jan 2019 00:52:34 +0000

Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. The lurid details, made public in a civil lawsuit filed this week by one of his alleged victims, paints a chilling picture of a man addicted to thievery and all its trappings. The documents suggest that Truglia stole from his father and even a dead man — all the while lamenting that his fabulous new wealth brought him nothing but misery.

Read more

U.S. Mobile Giants Want to be Your Online Identity

Credit to Author: BrianKrebs| Date: Wed, 12 Sep 2018 20:58:31 +0000

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

Read more

Alleged SIM Swapper Arrested in California

Credit to Author: BrianKrebs| Date: Wed, 22 Aug 2018 16:58:17 +0000

Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies. The arrest is the third known law enforcement action this month targeting “SIM swappers,” individuals who specialize in stealing wireless phone numbers and hijacking online financial and social media accounts tied to those numbers.

Read more

Hanging Up on Mobile in the Name of Security

Credit to Author: BrianKrebs| Date: Thu, 16 Aug 2018 17:01:36 +0000

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard one’s online accounts may be to disconnect them from the mobile providers entirely.

Read more

Florida Man Arrested in SIM Swap Conspiracy

Credit to Author: BrianKrebs| Date: Tue, 07 Aug 2018 19:27:23 +0000

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher, an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. Investigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone “SIM swaps.”

Read more

Supreme Court: Police Need Warrant for Mobile Location Data

Credit to Author: BrianKrebs| Date: Fri, 22 Jun 2018 20:30:13 +0000

The U.S. Supreme Court today ruled that the government needs to obtain a court-ordered warrant to gather location data on mobile device users. The decision is a major development for privacy rights, but experts say it may have limited bearing on the selling of real-time customer location data by the wireless carriers to third-party companies.

Read more

AT&T, Sprint, Verizon to Stop Sharing Customer Location Data With Third Parties

Credit to Author: BrianKrebs| Date: Tue, 19 Jun 2018 18:03:44 +0000

In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing access to this extremely sensitive information. While three out of four providers said they had cancelled data sharing agreements with some of the offending companies, only one — Verizon — pledged to terminate all of them and initiate a wholesale review of their location data-sharing practices.

Read more

Verizon to Stop Sharing Customer Location Data With Third Parties

Credit to Author: BrianKrebs| Date: Tue, 19 Jun 2018 18:03:44 +0000

In the wake of a scandal involving third-party companies leaking or selling precise, real-time location data on virtually all Americans who own a mobile phone, the four major wireless carriers have responded to requests from a U.S. senator for more details about how the carriers are managing access to this extremely sensitive information. While three out of four providers said they had cancelled data sharing agreements with some of the offending companies, only one — Verizon — pledged to terminate all of them and initiate a wholesale review of their location data-sharing practices.

Read more

Why Is Your Location Data No Longer Private?

Credit to Author: BrianKrebs| Date: Sat, 26 May 2018 16:18:48 +0000

The past month has seen one blockbuster revelation after another about how our mobile phone and broadband providers have been leaking highly sensitive customer information, including real-time location data and customer account details. In the wake of these consumer privacy debacles, many are left wondering who’s responsible for policing these industries? How exactly did we get to this point? What prospects are there for changes to address this national privacy crisis at the legislative and regulatory levels? These are some of the questions we’ll explore in this article.

Read more

Mobile Giants: Please Don’t Share the Where

Credit to Author: BrianKrebs| Date: Tue, 22 May 2018 16:05:50 +0000

Your mobile phone is giving away your approximate location all day long. This isn’t exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location. But now, the major mobile providers in the United States — AT&T, Sprint, T-Mobile and Verizon — are selling this location information to third party companies — in real time — without your consent or a court order, and with apparently zero accountability for how this data will be used, stored, shared or protected. It may be tough to put a price on one’s location privacy, but here’s something of which you can be sure: The mobile carriers are selling data about where you are at any time, without your consent, to third-parties for probably far less than you might be willing to pay to secure it.

Read more