The Coming Storm – Computer Security Articles

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

January 14, 2022 admin andrey sergeevich bessonov, colonial pipeline, darkside, dmitri alperovitch, FSB, gandcrab, immersive labs, kevin breen, Ne'er-Do-Well News, NotPetya, president biden, ransomware, rEvil, roman gennadyevich muromsky, The Coming Storm, Vladimir Putin

Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Independent Krebs

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

January 11, 2022 admin cve-2021-22947, cve-2021-36976, cve-2022-21846, cve-2022-21907, dustin childs, Exchange Server, http protocol stack, Latest Warnings, microsoft patch tuesday january 2022, national security agency, Rapid7, Satnam Narang, Tenable, The Coming Storm, Time to Patch, Trend Micro, Zero Day Initiative

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

Independent Krebs

The Internet is Held Together With Spit & Baling Wire

November 26, 2021 admin A Little Sunshine, adam korab, bgp, border gateway protocol, centurylink, internet routing registry, irr, kc claffy, level3 communications, lumen technologies, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 26 Nov 2021 19:03:53 +0000

Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s largest companies — just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the world’s largest Internet backbones.

Independent Krebs

‘Trojan Source’ Bug Threatens the Security of All Code

November 1, 2021 admin bidi override, cambridge university, cve-2021-42574, cve-2021-42694, johns hopkins information security institute, Latest Warnings, matthew green, Nicholas Weaver, ross anderson, rust, The Coming Storm, Time to Patch, trojan source bug, university of california berkeley

Credit to Author: BrianKrebs| Date: Mon, 01 Nov 2021 04:23:36 +0000

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness.

Independent Krebs

How Coinbase Phishers Steal One-Time Passwords

October 25, 2021 admin A Little Sunshine, alex holden, Bleeping Computer, Coinbase, coinbase phishing, Hold Security, Lawrence Abrams, one-time password phishing, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 13 Oct 2021 14:27:40 +0000

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.

Independent Krebs

What Happened to Facebook, Instagram, & WhatsApp?

October 4, 2021 admin 60 minutes, A Little Sunshine, bgp, border gateway protocol, CBS, Doug Madory, Facebook outage, frances haugen, instagram outage, kentik, The Coming Storm, whatsapp outage

Credit to Author: BrianKrebs| Date: Mon, 04 Oct 2021 19:05:06 +0000

Facebook and its sister properties Instagram and WhatsApp are suffering from ongoing, global outages. We don’t yet know why this happened, but the how is clear: Earlier this morning, something inside Facebook caused the company to revoke key digital records that tell computers and other Internet-enabled devices how to find these destinations online.

Independent Krebs

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

September 10, 2021 admin A Little Sunshine, Akamai, cambridge university, CloudFlare, ddos, google, meris, MikroTik, Project Shield, Qrator, richard clayton, The Coming Storm, Yandex

Credit to Author: BrianKrebs| Date: Fri, 10 Sep 2021 18:12:44 +0000

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer.

Independent Krebs

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

September 8, 2021 admin cve-2021-40444, Latest Warnings, microsoft, The Coming Storm, windows zero-day

Credit to Author: BrianKrebs| Date: Wed, 08 Sep 2021 15:03:45 +0000

Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.

← Previous