The Life Cycle of a Breached Database

Credit to Author: BrianKrebs| Date: Thu, 29 Jul 2021 16:20:54 +0000

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases, by the time the victim organization discloses an incident publicly, the information has already been harvested many times over by profit-seeking cybercriminals. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. One might even say passwords are the fossil fuels powering most IT modernization: They’re ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs, such as polluting the Internet with weaponized data when they’re leaked or stolen en masse.

PlugwalkJoe Does the Perp Walk

Credit to Author: BrianKrebs| Date: Mon, 26 Jul 2021 18:18:38 +0000

One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. When the Justice Department last week announced O’Connor’s arrest and indictment, his alleged role in the Twitter compromise was well covered in the media. But most of the coverage so far seems to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks, all in a bid to seize control over highly prized social media accounts.

Serial Swatter Who Caused Death Gets Five Years in Prison

Credit to Author: BrianKrebs| Date: Wed, 21 Jul 2021 19:59:03 +0000

An 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

Spam Kingpin Peter Levashov Gets Time Served

Credit to Author: BrianKrebs| Date: Tue, 20 Jul 2021 21:30:00 +0000

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Credit to Author: BrianKrebs| Date: Mon, 19 Jul 2021 21:11:11 +0000

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups. But the ugly truth is there are many non-obvious reasons why victims end up paying even when they have done nearly everything right from a data backup perspective. 

Microsoft Patch Tuesday, July 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Jul 2021 21:41:47 +0000

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. A half-dozen of the vulnerabilities addressed today are under active attack, according to Microsoft.

Spike in “Chain Gang” Destructive Attacks on ATMs

Credit to Author: BrianKrebs| Date: Fri, 09 Jul 2021 19:31:16 +0000

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime — known variously as “ATM smash-and-grab” and “chain gang” attacks — is rapidly increasing in other states.

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Credit to Author: BrianKrebs| Date: Thu, 08 Jul 2021 15:22:58 +0000

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.
