Krebs – Page 25 – Computer Security Articles

Patch Tuesday, November 2022 Election Edition

November 8, 2022 admin askwoody, cve-2022-41073, cve-2022-41080, cve-2022-41082, cve-2022-41091, cve-2022-41125, cve-2022-41128, immersive labs, kevin breen, microsoft, microsoft patch tuesday november 2022, sans internet storm center, Satnam Narang, Tenable, Time to Patch, windows, windows print spooler

Credit to Author: BrianKrebs| Date: Wed, 09 Nov 2022 01:50:14 +0000

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we’ve patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November’s patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.

Independent Krebs

LinkedIn Adds Verified Emails, Profile Creation Dates

November 4, 2022 admin A Little Sunshine, employment fraud, Security Tools

Credit to Author: BrianKrebs| Date: Fri, 04 Nov 2022 21:09:52 +0000

For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author have involved young women with profile photos that appear to be generated by artificial intelligence (AI) tools. We’re seeing rapid advances in AI-based synthetic image generation technology and we’ve created a deep learning model to better catch profiles made with this technology. AI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people. Fake accounts sometimes use these convincing, AI-generated profile photos to make their fake LinkedIn profile appear more authentic.

Independent Krebs

Hacker Charged With Extorting Online Psychotherapy Service

November 3, 2022 admin A Little Sunshine, atti kurritu, hack the planet, julius kivimäki, Ne'er-Do-Well News, ransom_man, vastaamo, ville tapio, william ralston, wired, zbot, zeekill

Credit to Author: BrianKrebs| Date: Thu, 03 Nov 2022 14:43:22 +0000

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius “Zeekill” Kivimaki, a notorious hacker who — at the tender age of 17 — had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.

Independent Krebs

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

October 31, 2022 admin A Little Sunshine, alex jones, f. andino reynal, mark sokolovsky, Ne'er-Do-Well News, raccoon infostealer, raccoon stealer

Credit to Author: BrianKrebs| Date: Mon, 31 Oct 2022 20:53:27 +0000

A 26-year-old Ukrainian man is awaiting extradition to the United States on charges that he acted as a core developer for Raccoon, a “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.

Independent Krebs

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

October 20, 2022 admin A Little Sunshine, Amazon, anastacia brown, apple, binance, employment fraud, indeed, jay pinho, LinkedIn, Mandiant, Nicholas Weaver, signalhire, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 20 Oct 2022 17:07:34 +0000

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.

Independent Krebs

How Card Skimming Disproportionally Affects Those Most In Need

October 18, 2022 admin All About Skimmers

Credit to Author: BrianKrebs| Date: Wed, 19 Oct 2022 01:28:46 +0000

When people banking in the United States lose money because their payment card got skimmed at an ATM, gas pump or grocery store checkout terminal, they may face hassles or delays in recovering any lost funds, but they are almost always made whole by their financial institution. Yet, one class of Americans — those receiving food assistance benefits via state-issued prepaid debit cards — are particularly exposed to losses from skimming scams, and usually have little recourse to do anything about it.

Independent Krebs

Anti-Money Laundering Service AMLBot Cleans House

October 15, 2022 admin A Little Sunshine, amlbot, antinalysis, incognito chain, nick bax, polina smoliar, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 15 Oct 2022 14:08:59 +0000

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Independent Krebs

Microsoft Patch Tuesday, October 2022 Edition

October 11, 2022 admin caitlin condon, cve-2022-37968, cve-2022-41033, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday october 2022, Rapid7, Satnam Narang, Tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 11 Oct 2022 21:06:23 +0000

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.