Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers. Image: Shutterstock. This month’s bundle of update joy from Redmond includes patches for security holes in Office, .NET, Visual Studio, Azure, Co-Pilot, Microsoft Dynamics, Teams, […]
Category Archives: Krebs
Category Added in a WPeMatico Campaign
07
Aug
Aug
A partial selfie posted by Puchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card. In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story […]
05
Aug
Aug
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and […]
Alexander Vinnik, Alsu Kurmasheva, BTC-e, Evan Gershkovich, German Moyzhes, Ivan Ermakov, Krebs, Maxim Marchenko, Mt. Gox, Ne'er-Do-Well News, News, Paul Whelan, ransomware, Roman Seleznev, Russia's War on Ukraine, Security, trickbot, Vadim Krasikov, Vladimir Putin, Vladislav Klyushin
U.S. Trades Cybercriminals to Russia in Prisoner Swap
01
Aug
Aug
Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter Evan Gershkovich and ex-U.S. Marine Paul Whelan. Among the more notable Russian hackers released in the prisoner swap […]
31
Jul
Jul
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock. Your Web browser knows how to find a site like […]
26
Jul
Jul
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard from a reader who said they received a […]
.top, A Little Sunshine, Anti-Phishing Working Group, Dave Piscitello, Interisle Consulting Group, Internet Corporation for Assigned Names and Numbers, Jiangsu Bangning Science & Technology Co. Ltd, Krebs, Latest Warnings, News, Security, The Coming Storm
Phish-Friendly Domain Registry “.top” Put on Notice
23
Jul
Jul
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top […]
19
Jul
Jul
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be […]
15
Jul
Jul
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, […]
A Little Sunshine, Advance Auto Parts, Allstate, Anheuser-Busch, AT&T breach, Data Breaches, fbi, Krebs, Latest Warnings, Los Angeles Unified, Mitsubishi, Neiman Marcus, News, Progressive, Pure Storage, Santander Bank, Security, Snowflake hack, State Farm, Techcrunch, Ticketmaster, U.S. Securities and Exchange Commission, wired
Hackers Steal Phone, SMS Records for Nearly All AT&T Customers
12
Jul
Jul
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be […]