T-Mobile – Page 2 – Computer Security Articles

It Might Be Our Data, But It’s Not Our Breach

August 11, 2022 admin A Little Sunshine, alex holden, AT&T, at&t internet, bellsouth.net, Bleeping Computer, data breaches, databreaches.net, Hold Security, Lawrence Abrams, new jersey cybersecurity & communications integration cell, sbcglobal.net, shinyhunters, T-Mobile, The Coming Storm, u-verse, white house market

Credit to Author: BrianKrebs| Date: Thu, 11 Aug 2022 17:45:31 +0000

A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company.

MalwareBytes Security

A week in security (July 25 – July 31)

August 8, 2022 admin a week in security, backdoor, blog recap, bytedance, cookies, data breach, google, linux, microsoft, ransomware, SQL Injection, T-Mobile, TikTok, Uber, Week in security

Categories: A week in security

Tags: backdoor

Tags: blog recap

Tags: bytedance

Tags: cookies

Tags: data breach

Tags: Google

Tags: linux

Tags: microsoft

Tags: ransomware

Tags: SQL injection

Tags: T-Mobile

Tags: tiktok

Tags: Uber

Tags: week in security

The most important and interesting computer security stories from the last week.

(Read more…)

The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (July 25 – July 31)

August 1, 2022 admin a week in security, backdoor, blog recap, blog roundup, bytedance, chrome update, cookies, data breach, google, lightning framework, linux, Linux Malware, malwarebytes edr, microsoft, neopets, orwellian, prestashop, pro-china, ransomware, rdp brute-force attack, roe v. wade, SonicWall, SQL Injection, T-Mobile, TikTok, Uber, Week in security, windows 11

Credit to Author: Malwarebytes Labs| Date: Mon, 01 Aug 2022 09:51:04 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.

MalwareBytes Security

T-Mobile agrees to pay customers $350 million in settlement over data breach

July 27, 2022 admin $350 million, data breach, reports, T-Mobile

Credit to Author: Pieter Arntz| Date: Wed, 27 Jul 2022 10:32:19 +0000

T-Mobile has proposed to settle its 2021 data breach by paying $350 million, along with an incremental spend of $150 million in security.

The post T-Mobile agrees to pay customers $350 million in settlement over data breach appeared first on Malwarebytes Labs.

Independent Krebs

Fighting Fake EDRs With ‘Credit Ratings’ for Police

April 27, 2022 admin A Little Sunshine, apple, AT&T, Coinbase, discord, emergency data request, FBI, GitHub, google, kodex, LinkedIn, matt donahue, meta, microsoft, snapchat, T-Mobile, The Coming Storm, TikTok, twilio, Twitter, Verizon, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Independent Krebs

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022 admin A Little Sunshine, amtrak, apple, bitbucket, Breadcrumbs, Dan Goodin, Doxbin, Electronic Arts, emergency data request, everlynn, Flashpoint, genesis, globant, iqor, kt, lapsus$, lapsus$ jobs, michelin, microsoft, Mobile Device Management, mox, Ne'er-Do-Well News, nvidia, recursion team, russian market, Samsung, sascar, SIM swapping, slack, source code theft, SWATting, T-Mobile, t-mobile atlas, whitedoxbin

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

MalwareBytes Security

TrickBot adds new trick to its arsenal: tampering with trusted texts

September 3, 2019 admin 2fa, account takeover fraud, ATO, Authy, C&C, Dell Secureworks, dynamic webinject, dyreza, emotet, Eternal Romance, EternalBlue, EternalChampion, Gold Blackburn, Google Authenticator, hasherezade, point-of-sale, port-out fraud, pos, SIM hijacking, SIM swapping, Sprint, T-Mobile, thetrick, trickbot, trickloader, trickster, Trojan.TrickBot, trojans, two-factor authentication, Verizon Wireless

Credit to Author: Jovi Umawing| Date: Tue, 03 Sep 2019 15:26:01 +0000

TrickBot’s latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

Categories:

Trojans

Tags: 2fa account takeover fraud ATO Authy C&C Dell Secureworks dynamic webinject dyreza emotet Eternal Romance EternalBlue EternalChampion Gold Blackburn Google Authenticator hasherezade point-of-sale port-out fraud POS SIM hijacking SIM swapping Sprint T-Mobile thetrick trickbot trickloader trickster Trojan.TrickBot two-factor authentication Verizon Wireless

MalwareBytes Security

Maine inches closer to shutting down ISP pay-for-privacy schemes

June 5, 2019 admin ACLU of Maine, AT&T, comcast, Data Privacy, data privacy laws, data privacy legislation, Facebook, google, GWI, internet service provider, ISP, L.D. 946, LD 946, Maine, Maine State Chamber of Commerce, pay-for-privacy, privacy, Ron Wyden, Senator Ron Wyden, Spectrum, Sprint, T-Mobile, Verizon, Wyden

Credit to Author: David Ruiz| Date: Wed, 05 Jun 2019 15:00:00 +0000

Unlike a data privacy proposal in the US and a new data privacy law in California, the Maine data privacy bill aimed at Internet Service Providers (ISPs) explicitly shuts down any pay-for-privacy schemes.

Categories:

Privacy

Tags: ACLU of Maine AT&T comcast Data privacy data privacy laws data privacy legislation facebook Google GWI internet service provider ISP L.D. 946 LD 946 Maine Maine State Chamber of Commerce pay-for-privacy Ron Wyden Senator Ron Wyden Spectrum Sprint T-Mobile Verizon Wyden