New T-Mobile Breach Affects 37 Million Accounts

Credit to Author: BrianKrebs| Date: Fri, 20 Jan 2023 04:09:22 +0000

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Read more

Thinking of Hiring or Running a Booter Service? Think Again.

Credit to Author: BrianKrebs| Date: Wed, 18 Jan 2023 02:30:15 +0000

Most people who operate DDoS-for-hire services attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services. And then there are booter store operators like John Dobbs, a 32-year-old computer science graduate student living in Honolulu, Hawaii. For at least a decade until late last year, Dobbs openly operated IPStresser[.]com, a popular and powerful attack-for-hire service that he registered with the state of Hawaii using his real name and address. Likewise, the domain was registered in Dobbs’s name and hometown in Pennsylvania. The only work experience Dobbs listed on his resume was as a freelance developer from 2013 to the present day. Dobbs’s resume doesn’t name his booter service, but in it he brags about maintaining websites with half a million page views daily, and “designing server deployments for performance, high-availability and security.” In December 2022, the U.S. Department of Justice seized Dobbs’s IPStresser website and charged him with one count of aiding and abetting computer intrusions. Prosecutors say his service attracted more than two million registered users, and was responsible for launching a staggering 30 million distinct DDoS attacks.

Read more

Patch now to address critical Windows zero-day flaw

The first Patch Tuesday of the year from Microsoft addresses 98 security vulnerabilities, with 10 classified as critical for Windows. One vulnerability (CVE-2023-21674) in a core section of Windows code is a zero-day that requires immediate attention. And Adobe has returned with a critical update, paired with a few low-profile patches for the Microsoft Edge browser.

We have added the Windows and Adobe updates to our “Patch Now” list, recognizing that this month’s patch deployments will require significant testing and engineering effort. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this January update cycle.

To read this article in full, please click here

Read more

Microsoft doc details the dos and don’ts of Mac ransomware <u>

As enterprise adoption of the Apple platform accelerates, it’s important to note that Macs can and sometimes do get hit by ransomware. So it’s good to stay tuned to security concerns on a platform and application level — and take precautions.

Knowledge is power

With this in mind, extensive insights into Mac ransomware recently published only to be subsequently removed by Microsoft, can help explain these threats. The impact of such attack can be huge – ransomware already costs victims hundreds of billions each year, and no one is immune. 

To read this article in full, please click here

Read more

Microsoft Patch Tuesday, January 2023 Edition

Credit to Author: BrianKrebs| Date: Tue, 10 Jan 2023 22:28:55 +0000

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection.

Read more

Identity Thieves Bypassed Experian Security to View Credit Reports

Credit to Author: BrianKrebs| Date: Mon, 09 Jan 2023 14:05:15 +0000

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number.

Read more

Microsoft doc details the dos and don’ts of Mac ransomware

As enterprise adoption of the Apple platform accelerates, it’s important to note that Macs can and sometimes do get hit by ransomware. So it’s good to stay tuned to security concerns on a platform and application level — and take precautions.

Knowledge is power

With this in mind, extensive insights into Mac ransomware recently published by Microsoft can help explain these threats. The impact of such attack can be huge – ransomware already costs victims hundreds of billions each year, and no one is immune. 

To read this article in full, please click here

Read more

Happy 13th Birthday, KrebsOnSecurity!

Credit to Author: BrianKrebs| Date: Thu, 29 Dec 2022 22:35:36 +0000

KrebsOnSecurity turns 12 years old today. That’s a crazy long time for an independent media outlet these days, but then again I’m liable to keep doing this as long as they keep letting me! Thanks to your readership and support, I was able to spend more time in 2022 on in-depth investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Breaches review below.

Read more