The Coming Storm – Computer Security Articles

Legal Threats Make Powerful Phishing Lures

May 22, 2019 admin 0 Comments Latest Warnings, Target: Small Businesses, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 22 May 2019 19:26:04 +0000

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware.

Independent Krebs

A Tough Week for IP Address Scammers

May 15, 2019 admin American Registry for Internet Numbers, Amir Golestan, ARIN, John Levine, Micfo, Micfo LLC, Ne'er-Do-Well News, Sherri Lydon, Stephen Ryan, The Coming Storm, The Internet for Dummies

Credit to Author: BrianKrebs| Date: Wed, 15 May 2019 22:09:12 +0000

In the early days of the Internet, there was a period when Internet Protocol 4 (IPv4) addresses (e.g. 4.4.4.4) were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out the prized digits. With the value of a single IP hovering between $15-$25, those registries are now fighting a wave of shady brokers who specialize in securing new IP address blocks under false pretenses and then reselling to spammers. Here’s the story of one broker who fought back in the courts, and lost spectacularly. On May 14, South Carolina U.S. Attorney Sherri Lydon filed criminal wire fraud charges against Amir Golestan, alleging he and his Charleston, S.C. based company Micfo LLC orchestrated an elaborate network of phony companies and aliases to gather more than 735,000 IPs from the American Registry for Internet Numbers (ARIN), a nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean.

Independent Krebs

Feds Bust Up Dark Web Hub Wall Street Market

May 3, 2019 admin @feruccifrances, dark web, McGregor W. Scott, MED3LIN, Ne'er-Do-Well News, The Coming Storm, Wall Street Market, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 03 May 2019 16:48:36 +0000

Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware. Now, at least one former WSM administrator is reportedly trying to extort money from WSM vendors and buyers (supposedly including Yours Truly) — in exchange for not publishing details of the transactions.

Independent Krebs

Credit Union Sues Fintech Giant Fiserv Over Security Claims

May 3, 2019 admin A Little Sunshine, American Banker, Ann Cave, Bessemer System Federal Credit Union, Charles Nerko, fiserv, Paul Schaus, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 03 May 2019 14:30:36 +0000

A Pennsylvania credit union is suing financial industry technology giant Fiserv, alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. The credit union said the investigation that fueled the lawsuit was prompted by a 2018 KrebsOnSecurity report about a glaring security weakness a Fiserv platform that exposed personal and financial details of customers across hundreds of bank Web sites.

Independent Krebs

Data: E-Retail Hacks More Lucrative Than Ever

April 30, 2019 admin A Little Sunshine, CVVs, data breaches, dumps, Gemini Advisory, Stas Alforov, The Coming Storm, Ticketstorm, Trustwave

Credit to Author: BrianKrebs| Date: Tue, 30 Apr 2019 20:13:03 +0000

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores.

Independent Krebs

P2P Weakness Exposes Millions of IoT Devices

April 26, 2019 admin HiChip, iLnkP2P, Latest Warnings, P2P, Paul Marrapese, Shenzhen Yunni Technology, The Coming Storm, UDP hole punching, UPnP

Credit to Author: BrianKrebs| Date: Fri, 26 Apr 2019 13:17:14 +0000

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.

Independent Krebs

Annual Protest Raises $250K to Cure Krebs

March 31, 2019 admin coinhive, pr0gramm, The Coming Storm

Credit to Author: BrianKrebs| Date: Sun, 31 Mar 2019 08:51:02 +0000

For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive, a now-defunct cryptocurrency mining service that was massively abused by cybercriminals. Krebs is translated as “cancer” in German.

Independent Krebs

Alleged Child Porn Lord Faces US Extradition

March 22, 2019 admin A Little Sunshine, Brooke Donahue, Eric Eoin Marques, FBI, Firefox zero-day, Freedom Hosting, Ne'er-Do-Well News, RTE, The Coming Storm, The Irish Times, Tor, Tor Browser Bundle, Vlad Tsrklevich, wired.com

Credit to Author: BrianKrebs| Date: Fri, 22 Mar 2019 19:32:39 +0000

In 2013, the FBI exploited a zero-day vulnerability in Firefox to seize control over a Dark Web network of child pornography sites. The alleged owner of that ring – 33-year-old Freedom Hosting operator Eric Eoin Marques – was arrested in Ireland later that year on a U.S. warrant and has been in custody ever since. This week, Ireland’s Supreme Court cleared the way for Marques to be extradited to the United States.

Independent Krebs

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years

March 21, 2019 admin A Little Sunshine, Facebook, plaintext passwords, Scott Renfro, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 21 Mar 2019 15:17:55 +0000

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.

Independent Krebs

MyEquifax.com Bypasses Credit Freeze PIN

March 8, 2019 admin A Little Sunshine, credit freeze PIN, Experian, freeze PIN bypass, KBA, Latest Warnings, myEquifax.com, Nancy Bistritz-Balkan, Security Tools, The Coming Storm, Trans Union

Credit to Author: BrianKrebs| Date: Fri, 08 Mar 2019 16:12:38 +0000

Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your, name, Social Security number and birthday.

Independent Krebs

Hackers Sell Access to Bait-and-Switch Empire

March 4, 2019 admin A Little Sunshine, arrestrecords.us.org, autohistorychecks.com, backgroundchecks.us.org, Breadcrumbs, carhistory.us.org, carhistoryindex.com, carinfo2.com, carrecordusa.com, census.us.org, courtrecords.us.org, criminalrecords.us.org, data breaches, deathcertificates.us.org, deathrecord.com, deathrecords.us.org, dmv.us.org, dmvinfocheck.com, dmvrecords.co, DomainTools.com, homevalue.us.org, intel471.com, jailinmates.us.org, Jason Oster, Jesse Willms, Latest Warnings, memberreportaccess.com, Mike Stef, mugshots.us.org, myfeeplan.com, myinfobill.com, Ne'er-Do-Well News, Penguin Marketing, Peter Graver, phonelookup.us.org, police.us.org, prison.us.org, propertyrecord.com, propertysearch.us.org, publicrecords.us.org, reversephonelookup.us.org, Taylor Clark, Terra Marketing Group, The Atlantic, The Coming Storm, The Dark Overlord, trafficticket.us.org, vehiclehistoryreports.us.org, vehiclereportusa.com, vinsearchusa.org, warrantcheck.com

Credit to Author: BrianKrebs| Date: Mon, 04 Mar 2019 22:11:33 +0000

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

← Previous