Kroll Employee SIM-Swapped for Crypto Investor Data

Credit to Author: BrianKrebs| Date: Fri, 25 Aug 2023 18:05:10 +0000

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack targeting an employee of Kroll — the company handling both firms’ bankruptcy restructuring.

Read more

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Credit to Author: BrianKrebs| Date: Mon, 20 Mar 2023 14:47:56 +0000

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how. Certain questions might be coming to mind right now, like “What the heck is CPNI?” And, ‘If it’s so ‘customer proprietary,’ why is AT&T sharing it with marketers?” Also maybe, “What can I do about it?” Read on for answers to all three questions.

Read more

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Credit to Author: BrianKrebs| Date: Tue, 28 Feb 2023 16:14:57 +0000

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Read more

A week in security (January 23—29)

Categories: News

Tags: T-Mobile

Tags: ransomware

Tags: Microsoft

Tags: TikTok

Tags: privacy

Tags: Data Privacy Day 2023

Tags: Data Privacy Week 2023

Tags: Malwarebytes 2023 State of Mobile Cybersecurity

Tags: Riot Games

Tags: VASTFLUX

Tags: Grand Theft Auto 5

Tags: iPhone

Tags: vRealize

Tags: video game fish

Tags: credit cart theft

Tags: DuoLingo

Tags: K-12

Tags: Vice Society

Tags: Hive ransomware

The most interesting security related news from the week of January 23-19.

(Read more…)

The post A week in security (January 23—29) appeared first on Malwarebytes Labs.

Read more

How 1-Time Passcodes Became a Corporate Liability

Credit to Author: BrianKrebs| Date: Tue, 30 Aug 2022 14:53:39 +0000

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Read more