A Little Sunshine – Page 28 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Mon, 18 Nov 2019 21:19:10 +0000

The Russian government has for the past four years been fighting to keep 29-year-old alleged cybercriminal Alexei Burkov from being extradited by Israel to the United States. When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. That effort failed as well, and Burkov had his first appearance in a U.S. court last week. What follows are some clues that might explain why the Russians are so eager to reclaim this young man.

Independent Krebs

November 11, 2019 admin

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Credit to Author: BrianKrebs| Date: Mon, 11 Nov 2019 17:33:27 +0000

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

Independent Krebs

November 7, 2019 admin

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Credit to Author: BrianKrebs| Date: Thu, 07 Nov 2019 19:48:03 +0000

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

Independent Krebs

November 3, 2019 admin

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Credit to Author: BrianKrebs| Date: Sun, 03 Nov 2019 21:41:48 +0000

Banking industry giant NCR Corp. [NYSE: NCR] late last month took the unusual step of temporarily blocking third-party financial data aggregators Mint and QuicBooks Online from accessing Digital Insight, an online banking platform used by hundreds of financial institutions. That ban, which came in response to a series of bank account takeovers in which cybercriminals used aggregation sites to surveil and drain consumer accounts, has since been rescinded. But the incident raises fresh questions about the proper role of digital banking platforms in fighting password abuse.

Independent Krebs

October 29, 2019 admin

Takeaways from the $566M BriansClub Breach

Credit to Author: BrianKrebs| Date: Tue, 29 Oct 2019 21:47:58 +0000

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths. Most notably, that the world’s largest financial institutions tend to have a much better idea of which merchants and bank cards have been breached than do the thousands of smaller banks and credit unions across the United States. Also, a great deal of cybercrime seems to be perpetrated by a relatively small number of people.

Independent Krebs

September 27, 2019 admin

MyPayrollHR CEO Arrested, Admits to $70M Fraud

Credit to Author: BrianKrebs| Date: Fri, 27 Sep 2019 16:17:07 +0000

Earlier this month, employees at more than 1,000 companies saw one or two paycheck’s worth of funds deducted from their bank accounts after the CEO of their cloud payroll provider absconded with $35 million in payroll deposits from customers. On Monday, the CEO was arrested and allegedly confessed that the diversion was the last desperate gasp of a financial shell game that earned him $70 million over several years.

Independent Krebs

September 18, 2019 admin

Before He Spammed You, this Sly Prince Stalked Your Mailbox

Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2019 18:53:16 +0000

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: it was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these “advance fee” or “419” scams- – so-called because they violate section 419 of the criminal code of Nigeria where many such lures originate — predate email and have circulated via postal mail in various forms and countries over the years.

Independent Krebs

September 11, 2019 admin

NY Payroll Company Vanishes With $35 Million

Credit to Author: BrianKrebs| Date: Wed, 11 Sep 2019 15:02:26 +0000

MyPayrollHR, a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.