Blog and Internet - Cyber Security Informer

Internet Backbone Giant Lumen Shuns.RU

Krebs on Security

MARCH 8, 2022

Lumen Technologies , an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. ru) from the Internet.

Internet

Internet Internet Government Technology

Pwned - The Collected Blog Posts of Troy Hunt (Preview)

Troy Hunt

OCTOBER 20, 2021

I'm even in the story of how it became the internet's favourite taunt , again, somehow. When I announced the book in April , I explained how Rob Conery has helped me curate a collection of blog posts. They're blog posts that defined my life and my career and had interesting stories behind them.

Data breaches

Data breaches Internet Internet

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

Prosecutors say Anonymous Sudan offered a “Limited Internet Shutdown Package,” which would enable customers to shut down internet service providers in specified countries for $500 (USD) an hour. An indictment in the Central District of California notes the duo even swamped the websites of the FBI and the Department of State.

DDOS

DDOS Government Internet Internet

Microsoft: Happy 2025. Here’s 161 Security Updates

Krebs on Security

JANUARY 14, 2025

“What makes this vulnerability so impactful is the fact that it is remotely exploitable, so attackers can reach the compromised machine(s) over the internet, and the attacker does not need significant knowledge or skills to achieve repeatable success with the same payload across any vulnerable component,” Hopkins wrote.

Artificial Intelligence

Artificial Intelligence Social Engineering Encryption Internet

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

A graphic from the FBI explaining how Funnull generated a slew of new domains on a regular basis and mapped them to Internet addresses on U.S. cloud providers. based cloud networks, as doing so can result in blocking access to many legitimate web destinations that are also on that same shared network segment or host.

Scams

Scams Internet Internet Cybercrime

Together for a Better Internet: Celebrating Safer Internet Day 2025

Thales Cloud Protection & Licensing

FEBRUARY 11, 2025

Together for a Better Internet: Celebrating Safer Internet Day 2025 andrew.gertz@t Tue, 02/11/2025 - 14:57 At a time when technology is integral to our lives, Safer Internet Day (SID) has never been more relevant. These measures align perfectly with the spirit of Safer Internet Day. With an estimated 5.8

Internet

Internet Internet Education Technology

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

Krebs on Security

MAY 20, 2025

The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3

DDOS

DDOS IoT Internet Internet

No, I Won't Link to Your Spammy Article

Troy Hunt

APRIL 6, 2020

That email would have been a reply to one you originally sent to me that would have sounded something like this: Hi, I came across your blog on [thing] and I must admit, it was really nicely written. I also have an article on [thing] and I think it would be a great addition to your blog. On a popular blog. Just the title.

Advertising

Advertising Internet Internet VPN

BadBox rapidly grows, 190,000 Android devices infected

Security Affairs

DECEMBER 21, 2024

The bot conducts ad fraud by accessing websites in the background and operates as a residential proxy, sharing the users internet connection for criminal activities, which can link the users IP address illegal activities. BadBox can also download additional payloads, amplifying the risks for the users. ” concludes the report.

Firmware

Firmware Malware Internet Internet

Extracting Personal Information from Large Language Models Like GPT-2

Schneier on Security

JANUARY 7, 2021

We demonstrate our attack on GPT-2, a language model trained on scrapes of the public Internet, and are able to extract hundreds of verbatim text sequences from the model’s training data. From a blog post : We generated a total of 600,000 samples by querying GPT-2 with three different sampling strategies.

Internet

Internet Internet Cybersecurity

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon , a Chinese cyber espionage group focused on infiltrating critical U.S. In a security advisory published Aug. victims and one non-U.S.

Internet

Internet Internet Technology Engineering

Security expert Troy Hunt hit by phishing attack

Malwarebytes

MARCH 26, 2025

Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. On March 25, Hunt received a malicious email disguised as a legitimate notice from the company Mailchimp, which he uses to email his blog entries to subscribed readers.

Phishing

Phishing Data breaches Scams Password Management

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

Doctor Chaos

FEBRUARY 24, 2024

If you are concerned about somebody watching what you do while you use the Internet, here is yet another reason to validate your concerns. Not only is there the risk of threat actors and targeted advertising, but even the NSA is collecting data without warrants.

Internet

Internet Internet Advertising Risk

Closing the Loop: Continuous API Security Testing – FireTail Blog

Security Boulevard

MAY 15, 2025

May 15, 2025 - Lina Romero - APIs power the modern internet as we know it. Without API, the internet as we know it would simply cease to operate. And without API testing, the APIs that help our internet function could be open to outside manipulation, leading to attacks at a scale weve never seen before.

Internet

Internet Internet Data breaches Authentication

Happy 15th Anniversary, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams

Scams Cybercrime Cryptocurrency Social Engineering

Smart Home Data Breach Exposes 2.7 Billion Records

ZoneAlarm

FEBRUARY 23, 2025

This breach has raised serious concerns about the security of internet-connected devices and the potential risks for consumers. Billion Records appeared first on ZoneAlarm Security Blog. Smart home devices, including security cameras, smart locks, and voice assistants, … The post Smart Home Data Breach Exposes 2.7

Data breaches

Data breaches IoT Internet Internet

Internet Safety Month: Keep Your Online Experience Safe and Secure

Webroot

MAY 31, 2024

What is Internet Safety Month? Each June, the online safety community observes Internet Safety Month as a time to reflect on our digital habits and ensure we’re taking the best precautions to stay safe online. How to protect it Use a Virtual Private Network (VPN) when connecting to the internet.

Internet

Internet Internet Identity Theft Password Management

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. The homepage of Stark Industries Solutions.

DDOS

DDOS Internet Internet Government

Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

MARCH 23, 2020

Searching the Internet for some of these Web listing domains mentioned in the company’s Twitter account brings up a series of press releases once issued on behalf of the company. ” Historic WHOIS registration records from Domaintools [an advertiser on this blog] say Weblistingsinc.org was registered in Nov.

Scams

Scams Marketing Internet Internet

Webroot SecureAnywhere Internet Security Ranks #1 Among 8 Competitors for Overall Performance

Webroot

SEPTEMBER 17, 2024

” For this report, the company conducted objective testing of nine endpoint security products, including Webroot® SecureAnywhere Internet Security with Antivirus. The post Webroot SecureAnywhere Internet Security Ranks #1 Among 8 Competitors for Overall Performance appeared first on Webroot Blog.

Internet

Internet Internet Antivirus Banking

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

VPN servers: Usually located all over the world, VPN servers act as intermediaries between your device and the internet and maintain your privacy by masking your IP address and location. Kill switch: Blocks your device’s internet access if the VPN connection drops. appeared first on Webroot Blog. Why use a VPN?

VPN

VPN Antivirus Internet Internet

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

Krebs on Security

OCTOBER 12, 2020

A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that the crime machine abused the software giant’s trademarks. Microsoft Corp. However, it appears the operation has not completely disabled the botnet. .

Healthcare

Healthcare Ransomware Internet Internet

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

MARCH 9, 2021

Top of the heap this month (apart from the ongoing, global Exchange Server mass-compromise ) is a patch for an Internet Explorer bug that is seeing active exploitation. In the ENKI blog post, the researchers said they will publish proof-of-concept (PoC) details after the bug has been patched.

DNS

DNS Internet Internet Backups

Soft-Launching and Open Sourcing the Have I Been Pwned Rebrand

Troy Hunt

MARCH 11, 2025

Reading how “PWNED” went from hacker slang to the internet’s favorite taunt, I think that's a fair conclusion to draw. Part of that is this blog post heralding what's to come, and part of it is also open sourcing the ux-rebuild repository.

Passwords

Passwords Internet Internet

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

The page listed the correct time and date of the funeral service, which it claimed could be streamed over the Internet by following a link that led to a page requesting credit card information. The Internet address of livestreamnow[.]xyz DomainTools shows this same Internet address is home to nearly 6,000 other domains (.CSV),

Scams

Scams DNS Internet Internet

The Web’s Bot Containment Unit Needs Your Help

Krebs on Security

MARCH 16, 2020

Now, something similar is in danger of happening in cyberspace: Shadowserver.org , an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding. Image: Ghostbusters.

Malware

Malware Internet Internet Government

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

Many of the infected systems were Internet of Things (IoT) devices , including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. Kloster’s blog enthused. “We Later in its existence, the RSOCKS botnet expanded into compromising Android devices and conventional computers.

Cybercrime

Cybercrime Advertising IoT Malware

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

These so-called “push notifications” rely on an Internet standard designed to work similarly across different operating systems and web browsers. The company’s site currently is ranked by Alexa.com as among the top 2,000 sites in terms of Internet traffic globally.

Antivirus

Antivirus Advertising Internet Internet

Protect those you love from internet scams this Valentine’s Day

Webroot

FEBRUARY 10, 2025

February 11 marks Safer Internet Day , encouraging us to work together to make the internet a safer and better place. And while February 14 usually means love is in the air, Valentines Day is also a popular day with internet scammers.

Scams

Scams Internet Internet Antivirus

Security Vulnerability of Switzerland’s E-Voting System

Schneier on Security

OCTOBER 17, 2023

Like any internet voting system, it has inherent security vulnerabilities: if there are malicious insiders, they can corrupt the vote count; and if thousands of voters’ computers are hacked by malware, the malware can change votes as they are transmitted. He explains it all in his blog post.

Malware

Malware Internet Internet Government

Crooks bank on Microsoft’s search engine to phish customers

Malwarebytes

NOVEMBER 4, 2024

In this blog post, we take a look at how criminals are abusing Bing and stay under the radar at the same time while also bypassing advanced security features such as two-factor authentication. The idea is about creating content that looks real, like a blog, but with malicious intent (monetization or other). com info-blog-news[.]com

Engineering

Engineering Phishing Banking Authentication

Humans are Bad at URLs and Fonts Don’t Matter

Troy Hunt

OCTOBER 28, 2020

The victim, through no fault of their own, has been the target of numerous angry tweets designed to ridicule their role in internet security and suggest they are incapable of performing their duty. Obviously, the image is resized to the width of paragraphs on this blog, give it a click if you want to check it out at 1:1 size.

Phishing

Phishing Password Management Passwords Internet

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee ) have pleaded guilty to lesser misdemeanor charges of fraud and misrepresentation via email.

Government

Government Marketing Internet Internet

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

JUNE 2, 2020

. “ Sodin ” and “ Sodinokibi “) used their Dark Web “Happy Blog” to announce its first ever stolen data auction, allegedly selling files taken from a Canadian agricultural production company that REvil says has so far declined its extortion demands.

Ransomware

Ransomware Backups Encryption Internet

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

JULY 31, 2024

Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-friendly website names (example.com) into numeric Internet addresses.

DNS

DNS Internet Internet Phishing

MY TAKE: lastwatchdog.com receives recognition as a Top 10 cybersecurity webzine in 2021

The Last Watchdog

NOVEMBER 3, 2021

webroot.com/blog. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. They include: • architectsecurity.org. krebsonsecurity.com. schneier.com. grahamcluley.com. securityaffairs/co/wordpress /. blog.sucuri.net. threatpost.com. But there’s a lot more to get done.

Cybersecurity

Cybersecurity Data breaches Mobile Internet

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

JUNE 14, 2022

Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form. But the website erected by ALPHV as part of this new pressure tactic is available on the open Internet. “It’ll p**s people off and make class actions more likely.”

Ransomware

Ransomware Internet Internet Cybercrime

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

2020 blog post on an ongoing Qakbot campaign that was first documented three months earlier by Check Point Research. The security flaw was briefly alluded to in a 2018 writeup on U-Admin by the SANS Internet Storm Center. The U-Admin phishing panel interface. Image: fr3d.hk/blog.

Phishing

Phishing Scams Banking Mobile

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 31, 2025

Researchers at SANS Internet Storm Center warned that the two issues are actively exploited in attacks. A quick search didnt show any active exploitation, but details, including the backdoor credentials, were published in a blog by Nicholas Starke shortly after Cisco released its advisory [2]. reads the advisory published by SANS.

Software

Software Hacking Passwords Internet

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

. “A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Kayamori said in a blog post. The internet is a public resource; only post information you are comfortable with anyone seeing.

Cryptocurrency

Cryptocurrency Scams Social Engineering VPN

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Troy Hunt

FEBRUARY 25, 2025

I like to start long blog posts with a tl;dr, so here it is: We've ingested a corpus of 1.5TB worth of stealer logs known as "ALIEN TXTBASE" into Have I Been Pwned. Hats off to the tremendous service HIBP provides to the internet 🙏 [link] — DHH (@dhh) February 4, 2025 That's awesome!

Passwords

Passwords Accountability VPN Malware

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

MAY 11, 2020

Indeed, some of the larger ransomware groups are doing just that , constantly updating blogs on the Internet and the dark Web that publish the names and data stolen from victims who decline to pay. So far, the crooks behind ProLock haven’t launched their own blog.

Ransomware

Ransomware Retail Malware Data breaches

MY TAKE: The CVE program crisis isn’t over — it’s a wake-up call for cybersecurity’s supply chain

The Last Watchdog

APRIL 16, 2025

Francesco Cipollone, CEO of Phoenix Security, unpacked this well in his recent blog post. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. And if this near-shutdown rattled operations, it also exposed an underlying architectural flaw.

Architecture

Architecture Risk Cybersecurity Internet

Internet Backbone Giant Lumen Shuns.RU

Pwned - The Collected Blog Posts of Troy Hunt (Preview)

Trending Sources

MyBook Users Urged to Unplug Devices from Internet

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Microsoft: Happy 2025. Here’s 161 Security Updates

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Together for a Better Internet: Celebrating Safer Internet Day 2025

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

No, I Won't Link to Your Spammy Article

BadBox rapidly grows, 190,000 Android devices infected

Extracting Personal Information from Large Language Models Like GPT-2

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Security expert Troy Hunt hit by phishing attack

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

Closing the Loop: Continuous API Security Testing – FireTail Blog

Happy 15th Anniversary, KrebsOnSecurity!

Smart Home Data Breach Exposes 2.7 Billion Records

Internet Safety Month: Keep Your Online Experience Safe and Secure

Stark Industries Solutions: An Iron Hammer in the Cloud

Who’s Behind the ‘Web Listings’ Mail Scam?

Webroot SecureAnywhere Internet Security Ranks #1 Among 8 Competitors for Overall Performance

Do you actually need a VPN? Your guide to staying safe online!

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

Microsoft Patch Tuesday, March 2021 Edition

Soft-Launching and Open Sourcing the Have I Been Pwned Rebrand

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

The Web’s Bot Containment Unit Needs Your Help

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Be Very Sparing in Allowing Site Notifications

Protect those you love from internet scams this Valentine’s Day

Security Vulnerability of Switzerland’s E-Voting System

Crooks bank on Microsoft’s search engine to phish customers

Humans are Bad at URLs and Fonts Don’t Matter

Adconion Execs Plead Guilty in Federal Anti-Spam Case

REvil Ransomware Gang Starts Auctioning Victim Data

Don’t Let Your Domain Name Become a “Sitting Duck”

MY TAKE: lastwatchdog.com receives recognition as a Top 10 cybersecurity webzine in 2021

Ransomware Group Debuts Searchable Victim Data

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Ransomware Hit ATM Giant Diebold Nixdorf

MY TAKE: The CVE program crisis isn’t over — it’s a wake-up call for cybersecurity’s supply chain

Stay Connected