The Coming Storm – Page 4 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Thu, 30 May 2024 15:19:44 +0000

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Independent Krebs

May 21, 2024 admin

Why Your Wi-Fi Router Doubles as an Apple AirTag

Credit to Author: BrianKrebs| Date: Tue, 21 May 2024 16:21:20 +0000

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

Independent Krebs

May 6, 2024 admin

Why Your VPN May Not Be As Secure As It Claims

Credit to Author: BrianKrebs| Date: Mon, 06 May 2024 14:24:47 +0000

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Independent Krebs

April 15, 2024 admin

Why CISA is Warning CISOs About a Breach at Sisense

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.

Independent Krebs

April 15, 2024 admin

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Credit to Author: BrianKrebs| Date: Tue, 26 Mar 2024 15:37:54 +0000

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.

Independent Krebs

March 11, 2024 admin

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Credit to Author: BrianKrebs| Date: Mon, 11 Mar 2024 16:19:36 +0000

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

Independent Krebs

January 19, 2024 admin

Canadian Man Stuck in Triangle of E-Commerce Fraud

Credit to Author: BrianKrebs| Date: Fri, 19 Jan 2024 15:34:53 +0000

A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve “triangulation fraud,” which occurs when a consumer purchases something online — from a seller on Amazon or eBay, for example — but the seller doesn’t actually own the item for sale. Instead, the seller purchases the item from an online retailer using stolen payment card data. In this scam, the unwitting buyer pays the scammer and receives what they ordered, and very often the only party left to dispute the transaction is the owner of the stolen payment card.

Independent Krebs

January 13, 2024 admin

Here’s Some Bitcoin: Oh, and You’ve Been Served!

Credit to Author: BrianKrebs| Date: Wed, 10 Jan 2024 13:39:37 +0000

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized… Read More »