Krebs – Page 30 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Mon, 31 Oct 2022 20:53:27 +0000

A 26-year-old Ukrainian man is awaiting extradition to the United States on charges that he acted as a core developer for Raccoon, a “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.

Independent Krebs

October 20, 2022 admin

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Credit to Author: BrianKrebs| Date: Thu, 20 Oct 2022 17:07:34 +0000

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.

Independent Krebs

October 18, 2022 admin

How Card Skimming Disproportionally Affects Those Most In Need

Credit to Author: BrianKrebs| Date: Wed, 19 Oct 2022 01:28:46 +0000

When people banking in the United States lose money because their payment card got skimmed at an ATM, gas pump or grocery store checkout terminal, they may face hassles or delays in recovering any lost funds, but they are almost always made whole by their financial institution. Yet, one class of Americans — those receiving food assistance benefits via state-issued prepaid debit cards — are particularly exposed to losses from skimming scams, and usually have little recourse to do anything about it.

Independent Krebs

October 15, 2022 admin

Anti-Money Laundering Service AMLBot Cleans House

Credit to Author: BrianKrebs| Date: Sat, 15 Oct 2022 14:08:59 +0000

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.

Independent Krebs

October 11, 2022 admin

Microsoft Patch Tuesday, October 2022 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Oct 2022 21:06:23 +0000

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.

Independent Krebs

October 7, 2022 admin

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Credit to Author: BrianKrebs| Date: Fri, 07 Oct 2022 18:46:12 +0000

When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule.

Independent Krebs

October 5, 2022 admin

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Credit to Author: BrianKrebs| Date: Wed, 05 Oct 2022 21:20:53 +0000

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups.

Independent Krebs

September 30, 2022 admin

Microsoft: Two New 0-Day Flaws in Exchange Server

Credit to Author: BrianKrebs| Date: Fri, 30 Sep 2022 16:51:57 +0000

Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks.