Krebs – Page 13 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Mon, 23 Oct 2023 13:08:27 +0000

A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence.

Independent Krebs

Hackers Stole Access Tokens from Okta’s Support Unit

October 23, 2023 admin A Little Sunshine, beyondtrust, charlotte wylie, data breaches, marc maiffret, Okta, okta breach

Credit to Author: BrianKrebs| Date: Fri, 20 Oct 2023 18:39:23 +0000

Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access to Okta’s support platform for at least two weeks before the company fully contained the intrusion.

Independent Krebs

The Fake Browser Update Scam Gets a Makeover

October 18, 2023 admin A Little Sunshine, binance smart chain, bnb smart chain, clearfake, dusty miller, guardio labs, Latest Warnings, nati tal, oleg zaytsev, randy mceoin, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 18 Oct 2023 14:03:28 +0000

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.

Independent Krebs

Tech CEO Sentenced to 5 Years in IP Address Scheme

October 17, 2023 admin American Registry for Internet Numbers, Amir Golestan, ARIN, Micfo LLC, Ne'er-Do-Well News, spamhaus, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 17 Oct 2023 16:23:25 +0000

Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Caribbean.

Independent Krebs

Patch Tuesday, October 2023 Edition

October 10, 2023 admin adam barnett, Amazon, apple, CloudFlare, cve-2023-35349, cve-2023-36563, cve-2023-36778, cve-2023-41763, cve-2023-44487, Damian Menscher, google, immersive labs, ios 17.0.3, ipados 17.0.3, libvpx, microsoft, natalie silva, patch tuesday october 2023, rapid reset attack, Rapid7, Security Tools, skype for business, Time to Patch, windows, WordPad

Credit to Author: BrianKrebs| Date: Tue, 10 Oct 2023 22:51:31 +0000

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.

Independent Krebs

Phishers Spoof USPS, 12 Other Natl’ Postal Services

October 9, 2023 admin A Little Sunshine, alibaba, correos.es, dnslytics.com, domaintools, Latest Warnings, poste italiane, posti, postnl, postnord, ua-80133954-3, urlscan.io, USPS, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 09 Oct 2023 20:39:43 +0000

Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries worldwide.

Independent Krebs

Don’t Let Zombie Zoom Links Drag You Down

October 2, 2023 admin A Little Sunshine, charan akiri, Latest Warnings, LinkedIn, The Coming Storm, zoom, zoom personal meeting id

Credit to Author: BrianKrebs| Date: Mon, 02 Oct 2023 15:43:34 +0000

Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners to phishing and other social engineering attacks.

Independent Krebs

A Closer Look at the Snatch Data Ransom Group

September 30, 2023 admin Breadcrumbs, cisa, constella intelligence, databreaches.net, FBI, Flashpoint, Ne'er-Do-Well News, perchatka, ransomware, semen7907, semyon tretyakov, snatch ransomware, snatch team, tretyakov-files@yandex.ru

Credit to Author: BrianKrebs| Date: Sat, 30 Sep 2023 19:47:57 +0000

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.