U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Credit to Author: BrianKrebs| Date: Thu, 26 Sep 2024 14:54:07 +0000

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks.

Read more

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Credit to Author: BrianKrebs| Date: Tue, 27 Aug 2024 14:26:41 +0000

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.

Read more

Local Networks Go Global When Domain Names Collide

Credit to Author: BrianKrebs| Date: Fri, 23 Aug 2024 14:12:31 +0000

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size of this insidious problem.

Read more

National Public Data Published Its Own Passwords

Credit to Author: BrianKrebs| Date: Mon, 19 Aug 2024 16:23:31 +0000

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available for download from its homepage until today.

Read more

NationalPublicData.com Hack Exposes a Nation’s Data

Credit to Author: BrianKrebs| Date: Thu, 15 Aug 2024 22:38:36 +0000

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed hundreds of millions of consumer records. We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida.

Read more

Phish-Friendly Domain Registry “.top” Put on Notice

Credit to Author: BrianKrebs| Date: Tue, 23 Jul 2024 19:41:51 +0000

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”

Read more

‘Operation Endgame’ Hits Malware Delivery Platforms

Credit to Author: BrianKrebs| Date: Thu, 30 May 2024 15:19:44 +0000

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Read more

Why Your Wi-Fi Router Doubles as an Apple AirTag

Credit to Author: BrianKrebs| Date: Tue, 21 May 2024 16:21:20 +0000

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

Read more