The Coming Storm Archives

Adam Barnett, Bitlocker, Bob Hopkins, CVE-2024-49142, CVE-2025-21186, CVE-2025-21210, CVE-2025-21298, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335, CVE-2025-21366, CVE-2025-21395, Kev Breen, Krebs, Latest Warnings, Microsoft Access, Microsoft Patch Tuesday January 2025, News, Rapid7, Satnam Narang, Security, The Coming Storm, Time to Patch, unpatched.ai, Windows 11, Windows Hyper-V, Windows NTLMv1

Microsoft: Happy 2025. Here’s 161 Security Updates

Posted on January 14, 2025 by [email protected]

14
Jan

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett says January marks the fourth consecutive month […]

Continue reading →

800-275-2273, A Little Sunshine, Allison Nixon, Aristotle, autodoxers, Coinbase, Crypto Chameleon, Discord, domaintools, Krebs, Latest Warnings, Lookout, Mark Cuban, News, Okta, Perm, Security, Shark Tank, Star Fraud, Stotle, telegram, The Coming Storm, Trezor, Unit 221B, voice phishing, Web Fraud 2.0

A Day in the Life of a Prolific Voice Phishing Crew

Posted on January 7, 2025 by [email protected]

07
Jan

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety […]

Continue reading →

A Little Sunshine, Acunetix, Altug Sara, [email protected], Araneida Scanner, Bilitro Yazilim, Breadcrumbs, domaintools, Fin7, Invicti Security, Krebs, Matt Sciberras, Ne'er-Do-Well News, Neil Roseman, News, [email protected], Security, Silent Push, The Coming Storm, U.S. Department of Health and Human Services, Zach Edwards

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Posted on December 19, 2024 by [email protected]

19
Dec

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology […]

Continue reading →

@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Krebs, Latest Warnings, malware, Messaging, new gTLDs, News, phishing, Security, spam, The Coming Storm, U.S. Postal Service

Why Phishers Love New TLDs Like .shop, .top and .xyz

Posted on December 3, 2024 by [email protected]

03
Dec

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees […]

Continue reading →

A Little Sunshine, AT&T, Boxfan, buttholio, Connor Riley Moucka, cyb3rph4nt0m, DDoS-for-Hire, John Erin Binns, Judische, Kiberphant0m, Krebs, Naver, Ne'er-Do-Well News, News, Proman557, ransomware, Reverseshell, Security, Shi-Bot, Snowflake, South Korea, telekomterrorist, The Coming Storm, Vars_Secc, Verizon, Waifu

Hacker in Snowflake Extortions May Be a U.S. Soldier

Posted on November 26, 2024 by [email protected]

26
Nov

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: […]

Continue reading →

abyss0, BreachForums, Data Breaches, Finastra, ke-la.com, Krebs, Latest Warnings, Ne'er-Do-Well News, News, Security, The Coming Storm

Fintech Giant Finastra Investigating Data Breach

Posted on November 19, 2024 by [email protected]

19
Nov

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen […]

Continue reading →

A Little Sunshine, emergency data request, fake EDR, fbi, Kodex, Krebs, Latest Warnings, Matt Donahue, News, pwnstar, Security, The Coming Storm, Web Fraud 2.0

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Posted on November 9, 2024 by [email protected]

09
Nov

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI […]

Continue reading →

A Little Sunshine, booking.com, Krebs, Latest Warnings, News, phishing, secureworks, Security, spear phishing, The Coming Storm, Web Fraud 2.0

Booking.com Phishers May Leave You With Reservations

Posted on November 1, 2024 by [email protected]

01
Nov

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the […]

Continue reading →

AlphV, Anthem Inc., BlackCat, Data Breaches, Equifax, Experian, HIPAA Journal, IDX, Krebs, Latest Warnings, News, RansomHub, Security, Sen. Mark Warner, Sen. Ron Wyden, The Coming Storm, TransUnion, U.S. Department of Health and Human Resources, United Health Group

Change Healthcare Breach Hits 100M Americans

Posted on October 30, 2024 by [email protected]

30
Oct

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. A ransomware attack at Change Healthcare in the third week of February […]

Continue reading →

A Little Sunshine, AccuWeather, Adx, Android Advertising ID, App Tracking Transparency, apple, Associated Press, bid request, BR24, Daniel's Law, Electronic Frontier Foundation, Eva Galperin, Fog Reveal, GasBuddy, Google, Grindr, Identifier for Advertisers, Judge Andrew F. Wilkinson Judicial Security Act, Justin Sherman, Justyna Maloney, Krebs, Latest Warnings, Macy's, MAID, mobile advertising ID, MyFitnessPal, netzpolitik.org, News, Scott Maloney, Security, Sen. Ron Wyden, SilentPush, Tangles, The Coming Storm, Troutman Pepper, U.S. Securities and Exchange Commission, WebLoc, Zach Edwards

The Global Surveillance Free-for-All in Mobile Ad Data

Posted on October 23, 2024 by [email protected]

23
Oct

Not long ago, the ability to digitally track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a dangerous power that should remain only within the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone […]

Continue reading →

Login