Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. So hopefully by this point it should be clear why re-using passwords is generally a bad idea. Don’t re-use passwords. In essence, you effectively get to use the same password across all Web sites.

Passwords 363

Passwords Password Management Phishing Scams 363

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. ”

Passwords 329

Passwords Encryption Password Management Cryptocurrency 329

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. And then he got hacked. But I recognize this antiquated approach to password management is not for everyone.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 338

Accountability Passwords Authentication Password Management 338

Krebs on Security

NOVEMBER 23, 2018

I later received an email from the seller, who said his Amazon account had been hacked and abused by scammers to create fake sales. You might even take a minute to explain the perils of re-using passwords across multiple sites, and see if they’re interested in using a password manager.

Scams 279

Scams Wireless Phishing Banking 279