How 1-Time Passcodes Became a Corporate Liability

Credit to Author: BrianKrebs| Date: Tue, 30 Aug 2022 14:53:39 +0000

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Read more

When Efforts to Contain a Data Breach Backfire

Credit to Author: BrianKrebs| Date: Tue, 16 Aug 2022 17:06:00 +0000

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Read more

‘Petya’ Ransomware Outbreak Goes Global

Credit to Author: BrianKrebs| Date: Tue, 27 Jun 2017 20:18:43 +0000

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware appears to be spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain.

Read more