The Coming Storm

IndependentKrebs

Who Owns Your Wireless Service? Crooks Do.

Credit to Author: BrianKrebs| Date: Wed, 07 Aug 2019 22:43:58 +0000

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists. If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

Read More
IndependentKrebs

The Risk of Weak Online Banking Passwords

Credit to Author: BrianKrebs| Date: Mon, 05 Aug 2019 14:04:27 +0000

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.

Read More
IndependentKrebs

The Unsexy Threat to Election Security

Credit to Author: BrianKrebs| Date: Thu, 25 Jul 2019 17:01:41 +0000

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.

Read More
IndependentKrebs

Neo-Nazi SWATters Target Dozens of Journalists

Credit to Author: BrianKrebs| Date: Wed, 24 Jul 2019 20:39:33 +0000

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address.

Read More
IndependentKrebs

Is ‘REvil’ the New GandCrab Ransomware?

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2019 15:58:30 +0000

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.”

Read More
IndependentKrebs

Tracing the Supply Chain Attack on Android

Credit to Author: BrianKrebs| Date: Tue, 25 Jun 2019 15:24:29 +0000

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “Yehuo” or “Blazefire.” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware.

Read More