In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month […]
Category Archives: Krebs
Category Added in a WPeMatico Campaign
14
May
May
Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month’s patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available. Microsoft and […]
360 Digital Marketing LLC, A Little Sunshine, Abtach, Axact, Azneem Bilwani, Breadcrumbs, Digitonics Labs, eWorldTrade, Federal Investigation Agency, Intersys Limited, Junaid Mansoor, Krebs, Majestic Ghostwriting, Muhammad Burhan Mirza, NatInfoSec, Ne'er-Do-Well News, News, Octa Group Technologies AU, Qasim Mansoor, Retrocube LLC, Security, The New York Times, U.S. Department of Justice, U.S. Patent and Trademark Office, Vertical Minds LLC, Web Fraud 2.0
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
07
May
May
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app development and logo designs, a new […]
A Little Sunshine, Carole Winqwist, Department of Government Efficiency, DOGE, Eric Fourrier, General Services Administration, GitGuardian, Github, Grok, GSAi, Krebs, Latest Warnings, News, Philippe Caturegli, Reuters, Security, Seralys, SpaceX, Tesla, The Coming Storm, The Washington Post, Twitter/X, xAI
xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
01
May
May
An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned. […]
0ktapus, A Little Sunshine, Ahmed Elbadawy, Caesars, DoorDash, Evans Osiebo, Group-IB, Joel Evans, Krebs, lastpass, Mailchimp, MGM, Ne'er-Do-Well News, News, Noah Urban, Okta, ransomware, Scattered Spider, Security, SIM Swapping, Twilio, Tyler Robert Buchanan, Tylerb
Alleged ‘Scattered Spider’ Member Extradited to U.S.
30
Apr
Apr
A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States […]
A Little Sunshine, async-ip-rotator, Browserless, Daniel J. Berulis, Department of Government Efficiency, Department of Health and Human Services, DOGE, Ge0rg3, Github, Integuru, Krebs, Labor Department, Marko Elez, National Labor Relations Board, News, Politico, Security, The Coming Storm, The Wall Street Journal
DOGE Worker’s Code Supports NLRB Whistleblower
23
Apr
Apr
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk’s Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency’s sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one […]
A Little Sunshine, amazon, Andrew P. Bakaj, CNN, Cybersecurity and Infrastructure Security Agency, Daniel J. Berulis, DOGE, Github, Krebs, Lasharn Hamilton, Latest Warnings, Microsoft Azure, News, NPR, NxGen, President Trump, Security, SpaceX, The Coming Storm, Tim Bearese, US-CERT
Whistleblower: DOGE Siphoned NLRB Case Data
21
Apr
Apr
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with […]
15
Apr
Apr
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each […]
A Little Sunshine, A.J. Vicens, Chris Krebs, Cyber Safety Review Board, Department of Government Efficiency, DOGE, Dustin Volz, Electronic Frontier Foundation, Gen. Timothy Haugh, Heritage Foundation, Iowa Secretary of State Paul Pate, Krebs, Latest Warnings, Martin Matishak, National Counterintelligence and Security Center, national security agency, Nevada Secretary of State Cisco Aguilar, News, Newsweek, Paul Rosenzweig, Pennsylvania Capital-Star, Raphael Satter, Reuters, Safeguard American Voter Eligibility Act (SAVE) Act, Secretary of the Commonwealth Al Schmidt, Security, Sen. Mark Warner, Sen. Ron Wyden, Suzanne Smalley, The Coming Storm, The Guardian, The Record, The Wall Street Journal, The Washington Post, U.S. Cyber Command, U.S. Election Assistance Commission, Wendy Noble
Trump Revenge Tour Targets Cyber Leaders, Elections
14
Apr
Apr
President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs’s employer SentinelOne, comes as […]
A Little Sunshine, Citigroup, CSIS Security Group, Darcula, Ford Merrill, google android, imessage, Krebs, Latest Warnings, Lighthouse, mastercard, Ne'er-Do-Well News, News, Paypal, ProDaft, Resecurity, SecAlliance, Security, SilentPush, Smishing Triad, Stripe, The Coming Storm, Visa, Web Fraud 2.0, Xinxin Group, Z-NFC, Zach Edwards
China-based SMS Phishing Triad Pivots to Banks
10
Apr
Apr
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime […]