Marcus Hutchins, the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.
Credit to Author: BrianKrebs| Date: Tue, 07 May 2019 19:56:44 +0000
Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH, the cloud-based tax division of the global information services firm Wolters Kluwer in the Netherlands. The message was that the same file directories containing new versions of CCH’s software were open and writable by any anonymous user, and that there were suspicious files in those directories indicating some user(s) abused that access. Shortly after that report, the CCH file directory for tax software downloads was taken offline. As of this publication, several readers have reported outages affecting multiple CCH Web sites. These same readers reported being unable to access their clients’ tax data in CCH’s cloud because of the ongoing outages.
Credit to Author: BrianKrebs| Date: Sat, 29 Dec 2018 15:51:25 +0000
Hard to believe we’ve gone another revolution around the Sun: Today marks the 9th anniversary of KrebsOnSecurity.com! This past year featured some 150 blog posts, but as usual the biggest contribution to this site came from the amazing community of readers here who have generously contributed their knowledge, wit and wisdom in more than 10,000 […]
Credit to Author: BrianKrebs| Date: Thu, 01 Mar 2018 19:04:34 +0000
The Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing attacks against FS-ISAC members. The fallout from the back-to-back phishing attacks appears to have been limited and contained, as many FS-ISAC members who received the phishing attack quickly detected and reported it as suspicious. But the incident is a good reminder to be on your guard, remember that anyone can get phished, and that most phishing attacks succeed by abusing the sense of trust already established between the sender and recipient.
Credit to Author: BrianKrebs| Date: Fri, 29 Dec 2017 15:29:37 +0000
Eight years ago today I set aside my Washington Post press badge and became an independent here at KrebsOnSecurity.com. What a wild ride it has been. Thank you all, Dear Readers, for sticking with me and for helping to build a terrific community.
Credit to Author: BrianKrebs| Date: Sat, 02 Dec 2017 19:44:21 +0000
A former employee for the National Security Agency pleaded guilty on Friday to taking classified data to his home computer in Maryland. According to published reports, U.S. intelligence officials believe the data was then stolen from his computer by hackers working for the Russian government.
Credit to Author: BrianKrebs| Date: Tue, 28 Nov 2017 22:34:22 +0000
A newly-discovered flaw in macOS High Sierra — Apple’s latest iteration of its operating system — allows anyone with local (and, apparently in some cases, remote) access to the machine to log in as the all-powerful “root” user without supplying a password. Fortunately, there is a simple fix for this until Apple patches this inexplicable bug: Change the root account’s password now.
Credit to Author: BrianKrebs| Date: Mon, 20 Nov 2017 14:25:09 +0000
If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.