Runescape phish claims your email has been changed

Credit to Author: Christopher Boyd| Date: Tue, 31 May 2022 20:08:04 +0000

We take a look at a Runescape-themed phishing mail targeting players of the smash MMORPG title, and explain how they steal the data.

The post Runescape phish claims your email has been changed appeared first on Malwarebytes Labs.

Read more

A week in security (May 2 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 09 May 2022 10:20:30 +0000

The most important and interesting stories in security from the last seven days.

The post A week in security (May 2 – 8) appeared first on Malwarebytes Labs.

Read more

Hackers fool major tech companies into handing over data of women and minors to abuse

Credit to Author: Jovi Umawing| Date: Thu, 28 Apr 2022 15:01:36 +0000

Law enforcement believes that these hackers duping major tech companies are teenagers. But they are causing severe harm.

The post Hackers fool major tech companies into handing over data of women and minors to abuse appeared first on Malwarebytes Labs.

Read more

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Read more

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Credit to Author: BrianKrebs| Date: Thu, 31 Mar 2022 22:54:45 +0000

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.

Read more

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Credit to Author: BrianKrebs| Date: Tue, 29 Mar 2022 14:07:27 +0000

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

Read more