Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking 277

Hacking Social Engineering Phishing Scams 277

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency 351

Cryptocurrency Passwords Encryption Accountability 351

Krebs on Security

JUNE 22, 2023

.” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” A smishing website targeting Canadians who recently purchased from Adidas online. The site would only load in a mobile browser.

Phishing 287

Phishing Retail Mobile Scams 287

Krebs on Security

JANUARY 9, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. 27, 2022, Experian’s PR team acknowledged receipt of my Dec. It’s also worth mentioning that reports of hijacked Experian.com accounts persisted into late 2022. ” Sen.

Identity Theft 334

Identity Theft Accountability Authentication Web Fraud 334

Krebs on Security

JANUARY 25, 2024

billion ads in 2022, and restricted more than 4.3 The company’s latest ad safety report says Google in 2022 blocked or removed 1.36 We’ll continue to monitor and apply our protections.” Google says it removed 5.2 billion ads and suspended over 6.7 million advertiser accounts.

Software 268

Software Advertising Malware Accountability 268

Krebs on Security

AUGUST 2, 2022

Further reading: July 29, 2022: 911 Proxy Service Implodes After Disclosing Breach. July 28, 2022: Breach Exposes Users of Microleaves Proxy Service. July 18, 2022: A Deep Dive Into the Residential Proxy Service ‘911’ June 28, 2022: The Link Between AWM Proxy & the Glupteba Botnet.

Malware 265

Malware Cybercrime Internet Internet 265

Krebs on Security

DECEMBER 5, 2022

2022 by Google researcher Luca Nagy. In June 2022, KrebsOnSecurity showed how the malware proxy services RSOCKS and AWMProxy were entirely dependent on the Glupteba botnet for fresh proxies, and that the founder of AWMProxy was Dmitry Starovikov — one of the Russian men named in Google’s lawsuit.

Cybercrime 243

Cybercrime Malware Internet Internet 243

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Malware 272

Malware eCommerce Mobile Media 272

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The messages began at 2022-07-20 22:50 UTC.

Mobile 299

Mobile Phishing Authentication Accountability 299

Krebs on Security

MARCH 28, 2023

In mid-December 2022, the U.S. The NCA campaign comes closely on the heels of an international law enforcement takedown involving four-dozen websites that made powerful DDoS attacks a point-and-click operation. men with computer crimes related to their alleged ownership of popular DDoS-for-hire services.

DDOS 261

DDOS Marketing Computers and Electronics Risk 261

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

Accountability 283

Accountability Cryptocurrency Scams CISO 283

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. For example, one domain the gang has used since March 2022 is ushank[.]com The Disneyland Team uses common misspellings for top bank brands in its domains.

Malware 281

Malware Banking Phishing DDOS 281

Krebs on Security

JULY 29, 2022

The 911 service as it existed until July 28, 2022. re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. .

Cybercrime 269

Cybercrime Software VPN Backups 269

Krebs on Security

APRIL 4, 2024

info , a website erected after Russia invaded Ukraine in early 2022 that doxed Russians perceived to have helped the Ukrainian cause. Virtually all of those domains were registered through one of two registrars — Hong Kong-based Nicenic and Singapore-based WebCC — and almost all appear to be phishing or pill-spam related.

Phishing 222

Phishing Cryptocurrency DDOS Internet 222

Security Boulevard

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer's full credit report -- armed with nothing more than a person's name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Web Fraud 52

Web Fraud Data breaches 52

Krebs on Security

OCTOBER 9, 2023

com was registered in 2022 via Singapore-based Alibaba.com , but the registrant city and state listed for that domain says “Georgia, AL,” which is not a real location. DomainTools.com indicates this website name was registered by phishers based in Indonesia. DomainTools says the above-mentioned USPS phishing domain stamppos[.]com

Phishing 286

Phishing Scams Passwords Web Fraud 286

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. Abdalla Khafagy’s LinkedIn profile says he was “global director of community” at Crypto.com for about a year ending in January 2022. The website BHProxies[.]com million from private investors.

Accountability 236

Accountability Advertising Marketing Malware 236

Krebs on Security

MARCH 7, 2023

Meta initially filed this lawsuit in December 2022, but it asked the court to seal the case, which would have restricted public access to court documents in the dispute. Although Freenom is based in The Netherlands, some of its other sister companies named as defendants in the lawsuit are incorporated in the United States.

Phishing 261

Phishing Media Internet Internet 261

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Hacking 362

Hacking Energy and Utilities Cybercrime Accountability 362

Krebs on Security

OCTOBER 31, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and identified approximately 30,000.US As far back as 2018, Interisle found.US domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) and illicit or harmful content. US phishing domains.

Phishing 278

Phishing Telecommunications Malware Scams 278

Security Boulevard

JANUARY 9, 2023

But until the end of 2022, Experian's website allowed anyone to bypass these questions and go straight to the consumer's report. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history.

Web Fraud 69

Web Fraud Data breaches 69

Krebs on Security

JULY 25, 2023

Preserving bandwidth for both customers and victims was a primary concern for SocksEscort in July 2022, when 911S5 — at the time the world’s largest known malware proxy network — got hacked and imploded just days after being exposed in a story here. “Probably, they wanted to keep that revenue stream going.”

Malware 211

Malware VPN Internet Internet 211

Krebs on Security

AUGUST 17, 2023

A search in Constella on 16Shop’s domain name shows that in mid-2022, a key administrator of the phishing service infected their Microsoft Windows desktop computer with the Redline information stealer trojan — apparently by downloading a cracked (and secretly backdoored) copy of Adobe Photoshop.

Phishing 200

Phishing Passwords Internet Internet 200

Krebs on Security

SEPTEMBER 1, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and found 30,000.US That’s according to The Interisle Consulting Group , which gathers phishing data from multiple industry sources and publishes an annual report on the latest trends. US phishing domains.US

Phishing 239

Phishing Telecommunications Government DNS 239

Krebs on Security

JULY 10, 2022

Turner said that in early June 2022 he received an email from Experian saying the email address on his account had been changed. Emory Roan , policy counsel for the Privacy Rights Clearinghouse , said Experian not offering multi-factor authentication for consumer accounts is inexcusable in 2022.

Accountability 316

Accountability Passwords Authentication Password Management 316

Krebs on Security

AUGUST 16, 2022

On August 3, 2022, someone using the alias “ Holistic-K1ller ” posted on Breached a thread selling data allegedly stolen from Grupo Financiero Banorte , Mexico’s second-biggest financial institution by total loans.

Data breaches 270

Data breaches Banking Cybercrime Marketing 270

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Last month, the U.S. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations.

Healthcare 274

Healthcare Backups Ransomware Insurance 274

Krebs on Security

JUNE 6, 2023

According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 The ScamDoc fake reputation websites, which were apparently used to help make fake crypto investment platforms look more trustworthy. Image: Trend Micro.

Accountability 220

Accountability Scams Cryptocurrency Advertising 220

Krebs on Security

MAY 22, 2023

According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 billion last year.

Scams 252

Scams DDOS Cryptocurrency Accountability 252

Krebs on Security

JULY 18, 2022

2022 closure of LuxSocks , another malware-based proxy network. That’s according to Riley Kilmer , co-founder of Spur.us — a security company that monitors anonymity services. Kilmer said 911 also gained an influx of new customers after the Jan. “And it’s not hard to see why.

VPN 312

VPN Computers and Electronics Antivirus Software 312

Krebs on Security

JULY 21, 2022

. “The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022.

Scams 307

Scams Cryptocurrency Marketing Internet 307

Krebs on Security

JANUARY 25, 2022

14, 2022 breach notification letter from tribal lender Mountain Summit Financial. MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g., A portion of the Jan.

Financial Services 224

Financial Services Banking Accountability Identity Theft 224

Krebs on Security

SEPTEMBER 4, 2022

on Jan 2, 2022, McGovern-Allen and an unidentified co-conspirator fired multiple handgun rounds into a residence in West Chester, Pa. Justin Active’s version of events seems to be supported by a reference in the criminal complaint to an April 2, 2022 chat in which Tongue explained the reason for the shooting.

Government 57

Government Accountability Cryptocurrency Web Fraud 57

Security Boulevard

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites.

Hacking 52

Hacking Phishing Media Malware 52