Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to […]
Category Archives: Krebs
Category Added in a WPeMatico Campaign
11
Mar
Mar
Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the […]
07
Mar
Mar
In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had […]
A Little Sunshine, Branden Spikes, California Russian Association, Congress of Russian Americans, Constellation of Humanity, Cyberinc, Department of Government Efficiency, Diana Fishman, Donald J. Trump, elon musk, Inc., Ivan Y. Podvalov, Jacqueline Sweet, Krebs, Maye Musk, Natalia Haldeman, Natalia Spikes, News, Radaris, Reeve Haldeman, Russian American Media, Russian Heritage Foundation, Russian Orthodox Church Outside of Russia, Scott Haldeman, Security, SpaceX, Spikes Security, U.S. Digital Service
Who is the DOGE and X Technician Branden Spikes?
06
Mar
Mar
At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk’s most loyal employees. Here’s a closer look at […]
A Little Sunshine, Alfa Bank, BEARHOST, GootLoader, Interisle Consulting Group, Intrinsec, Kaspersky Lab, Kentik, Krebs, Ne'er-Do-Well News, News, Prospero OOO, ransomware, Securehost, Security, Silent Push, SocGholish, spamhaus, The Coming Storm, Zach Edwards
Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab
28
Feb
Feb
One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a […]
26
Feb
Feb
A U.S. Army soldier who pleaded guilty last week to leaking phone records for high-ranking U.S. government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” prosecutors in the case said Wednesday. The government disclosed the details in a court motion to keep the defendant in custody […]
A Little Sunshine, Bruce Schneier, Bybit, Christopher Stanley, Coinbase, Conservative Political Action Conference, Consumer Financial Protection Bureau, Cybersecurity and Infrastructure Security Agency, Davi Ottenheimer, Department of Government Efficiency, Department of Homeland Security, Department of Justice, Edward Coristine, Gavin Kliger, Global Investigative Journalism Network, Hunter Labs, Internal Revenue Service, Jacob Silverman, Jacob Williams, Katie Arrington, KleptoCapture Task Force, Kleptocracy Asset Recovery Initiative, Krebs, Latest Warnings, Leland Dudek, lizardstresser, Michelle King, Natalya Martynova, National Institute of Standards and Technology, National Treasury Employees Union, News, Office of Management and Budget, Office of Personnel Management, Organized Crime and Corruption Reporting Project, President Donald Trump, Project 2025, Rep. Andy Ogles, Russia's War on Ukraine, Sean Cairncross, Security, Social Security Administration, Starlink, The Coming Storm, Treasury Department, U.S. Agency for International Development, U.S. Foreign Corrupt Practices Act, U.S. Securities and Exchange Commission, Valery Martynov, Vladimir Putin, Volodymyr Zelensky
Trump 2.0 Brings Cuts to Cyber, Consumer Protections
23
Feb
Feb
One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and […]
A Little Sunshine, All About Skimmers, Andy Chandler, apple, CSIS Security Group, Ford Merrill, ghost tap, Google, Grant Smith, imessage, Krebs, M3AAWG, News, RCS, Resecurity, SecAlliance, Security, smishing, The Coming Storm, ThreatFabric, Web Fraud 2.0, ZNFC
How Phished Data Turns into Apple & Google Wallets
18
Feb
Feb
Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new […]
13
Feb
Feb
In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But nearly a year later, Mozilla is still promoting it […]
Adam Barnett, adobe, apple, CVE-2024-38193, CVE-2025-21377, CVE-2025-21391, CVE-2025-21418, google chrome, Krebs, Microsoft 365 Copilot, Microsoft Patch Tuesday February 2025, News, Other, Rapid7, sans internet storm center, Satnam Narang, Security, Tenable, Time to Patch
Microsoft Patch Tuesday, February 2025 Edition
11
Feb
Feb
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a […]