International Computer Science Institute – Computer Security Articles

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

February 28, 2023 admin A Little Sunshine, Allison Nixon, data breaches, International Computer Science Institute, Minecraft, Nicholas Weaver, roblox, Security Keys, SIM swapping, T-Mobile, tmo up, unit 221b, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 28 Feb 2023 16:14:57 +0000

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Independent Krebs

U.S. Mobile Giants Want to be Your Online Identity

September 12, 2018 admin A Little Sunshine, AT&T, International Computer Science Institute, Johannes Jaskolski, LocationSmart, Nicholas Weaver, number port-out scams, Project Verify, Security Tools, Securus Technologies, SIM swap, Sprint, T-Mobile, The Coming Storm, UC Berkeley, Verizon

Credit to Author: BrianKrebs| Date: Wed, 12 Sep 2018 20:58:31 +0000

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

Independent Krebs

Fraudsters Exploited Lax Security at Equifax’s TALX Payroll Division

May 18, 2017 admin avivah litan, Equifax, Gartner Inc., ICSI, Identity Theft, International Computer Science Institute, knowledge-based authentication, Nicholas A. Oldham, Nicholas Weaver, Other, TALX, tax refund fraud, two-factor authentication

Credit to Author: BrianKrebs| Date: Thu, 18 May 2017 20:23:13 +0000

Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation’s largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees. In a boilerplate text sent to several affected customers, Equifax said the unauthorized access to customers’ employee tax records happened between April 17, 2016 and March 29, 2017. Beyond that, the extent of the fraud perpetrated with the help of hacked TALX accounts is unclear, and Equifax refused requests to say how many consumers or payroll service customers may have been impacted by the authentication weaknesses.