Independent – Page 3 – Computer Security Articles

This Windows PowerShell Phish Has Scary Potential

September 19, 2024 admin A Little Sunshine, CAPTCHA, GitHub, Latest Warnings, lumma stealer, microsoft powershell, Virustotal.com, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 19 Sep 2024 19:39:09 +0000

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user.

Independent Krebs

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

September 18, 2024 admin 148.251.54.196, A Little Sunshine, apkdownloadweb, Breadcrumbs, constella intelligence, domaintools, facebook funeral scams, Latest Warnings, mohammod abdullah khondokar, mohammod mehedi hasan, Web Fraud 2.0, webhostbd

Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2024 13:43:51 +0000

Scammers are flooding Facebook with groups that purport to offer video streaming of funeral services for the recently deceased. Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. Here’s a closer look at the size of this scheme, and some findings about who may be responsible.

Independent Krebs

The Dark Nexus Between Harm Groups and ‘The Com’

September 13, 2024 admin 2992, 303, 404, 545, 555, 6996, 7997, 8884, advance auto parts, ali winston, alphv, aspertaine, AT&T, beige group, black cat, Bloomberg, breachforums, Breadcrumbs, chumlul, court, CrowdStrike, cultist, cvlt, Der Spiegel, discord, Doxbin, ea games, h3ll, harm nation, james thomas andrew mccarty, judische, kalana limkin, kaskar, kayte, kingbob, kt, kya christian nelson, leak society, lending tree, Mandiant, mark rasch, mgm resorts, microsoft, Minecraft, Ne'er-Do-Well News, neiman marcus, nicholas "convict" ceraolo, nmk, noah michael urban, nvidia, Okta, owen david flowers, pompompurin, RCMP, recorder, roblox, Royal Canadian Mounted Police, sagar "weep" singh, Samsung, santander bank, scattered spider, SIM swapping, slit town, snowflake, sosa, star chat, steam, SWATting, T-Mobile, telegram, the com, The Washington Post, ticketmaster, Twitch, u.s. department of justice, u.s. drug enforcement agency, unc5537, unit 221b, vile, violence-as-a-service, vsphere, waifu, Web Fraud 2.0, wired

Credit to Author: BrianKrebs| Date: Fri, 13 Sep 2024 12:16:45 +0000

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Independent Krebs

Bug Left Some Windows PCs Dangerously Unpatched

September 12, 2024 admin cve-2024-38217, cve-2024-38226, cve-2024-43491, immersive labs, kev breen, mark of the web, microsoft, Microsoft Office, patch tuesday september 2024, Rapid7, Satnam Narang, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 10 Sep 2024 21:46:21 +0000

Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.

Independent Krebs

Sextortion Scams Now Include Photos of Your Home

September 12, 2024 admin A Little Sunshine, FBI, Google Maps, Latest Warnings, sextortion, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 03 Sep 2024 15:45:49 +0000

An old but persistent email scam known as “sextortion” has a new personalized touch: The missives, which claim that malware has captured webcam footage of recipients pleasuring themselves, now include a photo of the target’s home in a bid to make threats about publishing the videos more frightening and convincing.

Independent Krebs

Owners of 1-Time Passcode Theft Service Plead Guilty

September 12, 2024 admin A Little Sunshine, aza siddeeque, callum picari, National Crime Agency, Ne'er-Do-Well News, otp agency, RaidForums, smsranger, vijayasidhurshan vijayanathan, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 02 Sep 2024 16:46:35 +0000

Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was a service for intercepting one-time passwords needed to log in to various websites. Scammers would enter the target’s phone number and name, and the service would initiate an automated phone call to the target that alerts them about unauthorized activity on their account.

Independent Krebs

When Get-Out-The-Vote Efforts Look Like Phishing

September 12, 2024 admin A Little Sunshine, all-vote.com, Breadcrumbs, debra cleaver, DomainTools.com, movement labs, vote america, votewin.org, wdiv, yoni landau

Credit to Author: BrianKrebs| Date: Wed, 28 Aug 2024 23:55:17 +0000

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.

Independent Krebs

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

August 27, 2024 admin A Little Sunshine, black lotus labs, bronze silhouette, christopher wray, cve-2024-39717, cybersecurity & infrastructure security agency, Federal Bureau of Investigation, insidious taurus, Internet of Things (IoT), kv-botnet, Latest Warnings, lumen technologies, michael horka, national security agency, ryan english, The Coming Storm, u.s. department of justice, versa director 22.1.4, volt typhoon

Credit to Author: BrianKrebs| Date: Tue, 27 Aug 2024 14:26:41 +0000

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China.