Latest Warnings Archives - Page 2 of 3

A Little Sunshine, Black Lotus Labs, Bronze Silhouette, Christopher Wray, CVE-2024-39717, Cybersecurity & Infrastructure Security Agency, Federal Bureau of Investigation, Insidious Taurus, Internet of Things (IoT), Krebs, KV-botnet, Latest Warnings, Lumen Technologies, Michael Horka, national security agency, News, Ryan English, Security, The Coming Storm, U.S. Department of Justice, Versa Director 22.1.4, Volt Typhoon

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Posted on August 27, 2024 by [email protected]

27
Aug

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States […]

Continue reading →

A Little Sunshine, Active Directory, Andorra, DNS name devolution, Krebs, Latest Warnings, Memphis Real-Time Crime Center, memrtcc.ad, Mike Barlow, Mike O'Connor, namespace collision, News, Philippe Caturegli, Security, Seralys, The Coming Storm, Web Fraud 2.0, Web Proxy Auto-Discovery Protocol, wpad.ad, wpad.dk

Local Networks Go Global When Domain Names Collide

Posted on August 23, 2024 by [email protected]

23
Aug

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are […]

Continue reading →

A Little Sunshine, APWG, Dave Mitchell, Digicert, Digital Ocean, DNSMadeEasy, Eclypsium, Hostinger, Infoblox, Krebs, Latest Warnings, Matthew Bryant, News, Security, sitting duck domains, Steve Job, Time to Patch, Web Fraud 2.0

Don’t Let Your Domain Name Become a “Sitting Duck”

Posted on July 31, 2024 by [email protected]

31
Jul

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock. Your Web browser knows how to find a site like […]

Continue reading →

A Little Sunshine, Anu Yamunan, dropbox, Google, Google Workspace, Krebs, Latest Warnings, News, Security, sign in with Google, Slack, Squarespace, Web Fraud 2.0

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Posted on July 26, 2024 by [email protected]

26
Jul

Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard from a reader who said they received a […]

Continue reading →

.top, A Little Sunshine, Anti-Phishing Working Group, Dave Piscitello, Interisle Consulting Group, Internet Corporation for Assigned Names and Numbers, Jiangsu Bangning Science & Technology Co. Ltd, Krebs, Latest Warnings, News, Security, The Coming Storm

Phish-Friendly Domain Registry “.top” Put on Notice

Posted on July 23, 2024 by [email protected]

23
Jul

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top […]

Continue reading →

A Little Sunshine, blue screen of death, CrowdStrike, George Kurtz, Krebs, Latest Warnings, Microsoft, News, Security, Time to Patch

Global Microsoft Meltdown Tied to Bad Crowdstrike Update

Posted on July 19, 2024 by [email protected]

19
Jul

A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be […]

Continue reading →

A Little Sunshine, Data Breaches, Google Domains, Krebs, Latest Warnings, MetaMask, News, Paradigm, Security, Squarespace, Taylor Monahan, Web Fraud 2.0

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Posted on July 15, 2024 by [email protected]

15
Jul

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, […]

Continue reading →

A Little Sunshine, Advance Auto Parts, Allstate, Anheuser-Busch, AT&T breach, Data Breaches, fbi, Krebs, Latest Warnings, Los Angeles Unified, Mitsubishi, Neiman Marcus, News, Progressive, Pure Storage, Santander Bank, Security, Snowflake hack, State Farm, Techcrunch, Ticketmaster, U.S. Securities and Exchange Commission, wired

Hackers Steal Phone, SMS Records for Nearly All AT&T Customers

Posted on July 12, 2024 by [email protected]

12
Jul

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be […]

Continue reading →

A Little Sunshine, apple, BSSID, David Levin, Erik Rye, IEEE, Krebs, Latest Warnings, News, Security, Security Tools, Starlink, The Coming Storm, University of Maryland, Wi-Fi location

Why Your Wi-Fi Router Doubles as an Apple AirTag

Posted on May 21, 2024 by [email protected]

21
May

Image: Shutterstock. Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — […]

Continue reading →

A Little Sunshine, Bill Woodcock, Dani Cronce, DHCP option 121, DHCP starvation attack, Dynamic Host Control Protocol, John Kristoff, Krebs, Latest Warnings, Leviathan Security, Lizzie Moratti, News, Packet Clearing House, Security, The Coming Storm, Web Fraud 2.0

Why Your VPN May Not Be As Secure As It Claims

Posted on May 6, 2024 by [email protected]

06
May

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by […]

Continue reading →

Login